v1.fullhdmatch.live Open in urlscan Pro
2a00:1450:400e:80f::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://v1.fullhdmatch.live/
Submission: On September 18 via api (September 18th 2022, 8:10:02 pm UTC) from US — Scanned from DE

Summary HTTP 141 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 28 domains to perform 141 HTTP transactions. The main IP is 2a00:1450:400e:80f::2013, located in Ireland and belongs to GOOGLE, US. The main domain is v1.fullhdmatch.live.

This is the only time v1.fullhdmatch.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:1450:400... 2a00:1450:400e:80f::2013	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:27::... 2620:1ec:27::cafe:1846	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2009	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4851	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2604:4f00:10:... 2604:4f00:10:8b9b:0:35:739:1	47002 (TIGERTECH) (TIGERTECH)
1	104.21.40.195 104.21.40.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.33.186.13 193.33.186.13	52148 (RACKSRV) (RACKSRV)
1	192.0.66.25 192.0.66.25	2635 (AUTOMATTIC) (AUTOMATTIC)
3	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400a:808::200a	15169 (GOOGLE) (GOOGLE)
1 26	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
141	34

4 2a00:1450:400e:80f::2013 (Ireland)

ASN15169 (GOOGLE, US)

v1.fullhdmatch.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1846 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8003::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

ljii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4851 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:4f00:10:8b9b:0:35:739:1 (United States)

ASN47002 (TIGERTECH, US)

worldsoccertalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.40.195 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.khelnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.33.186.13 (United Kingdom)

ASN52148 (RACKSRV, GB)
PTR: web1.gambla.co.uk

mrfixitstips.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.insidesport.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400a:808::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	681 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340	399 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	157 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	120 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 n.clarity.ms — Cisco Umbrella Rank: 5365 c.clarity.ms — Cisco Umbrella Rank: 998	26 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	5 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	175 KB
4	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14465 lh3.googleusercontent.com — Cisco Umbrella Rank: 67	52 KB
4	fullhdmatch.live v1.fullhdmatch.live	60 KB
3	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9506	44 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	189 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081	914 B
2	github.io 1 redirects ljii.github.io — Cisco Umbrella Rank: 330261	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
2	typekit.net p.typekit.net — Cisco Umbrella Rank: 577 use.typekit.net — Cisco Umbrella Rank: 430	18 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 4968	198 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 220	555 B
1	insidesport.in www.insidesport.in — Cisco Umbrella Rank: 496496	64 KB
1	mrfixitstips.co.uk mrfixitstips.co.uk — Cisco Umbrella Rank: 582935	71 KB
1	khelnow.com assets.khelnow.com	166 KB
1	worldsoccertalk.com worldsoccertalk.com — Cisco Umbrella Rank: 318442	33 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	647 B
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 8716	56 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	28 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5839	682 B
0	geoplugin.net Failed www.geoplugin.net Failed
141	28

	Domain	Requested by
26	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	pagead2.googlesyndication.com	v1.fullhdmatch.live pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.gstatic.com	googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	fonts.gstatic.com	v1.fullhdmatch.live fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	v1.fullhdmatch.live	v1.fullhdmatch.live cdnjs.cloudflare.com
3	static.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	n.clarity.ms	www.clarity.ms
3	lh3.googleusercontent.com	v1.fullhdmatch.live
3	1.bp.blogspot.com	v1.fullhdmatch.live
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	v1.fullhdmatch.live www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ljii.github.io	1 redirects v1.fullhdmatch.live
2	connect.facebook.net	v1.fullhdmatch.live connect.facebook.net
2	www.clarity.ms	v1.fullhdmatch.live www.clarity.ms
2	pro.fontawesome.com	v1.fullhdmatch.live pro.fontawesome.com
1	c.bing.com	1 redirects
1	www.insidesport.in	v1.fullhdmatch.live
1	mrfixitstips.co.uk	v1.fullhdmatch.live
1	assets.khelnow.com	v1.fullhdmatch.live
1	worldsoccertalk.com	v1.fullhdmatch.live
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	use.typekit.net	v1.fullhdmatch.live
1	www.blogger.com	v1.fullhdmatch.live
1	cdnjs.cloudflare.com	v1.fullhdmatch.live
1	i.imgur.com	v1.fullhdmatch.live
1	blogger.googleusercontent.com	v1.fullhdmatch.live
1	p.typekit.net	client
0	www.geoplugin.net Failed	ljii.github.io
141	37

This site contains links to these domains. Also see Links.

Domain
telegram.me
www.am2z.com
www.mrjaz.com
sohanisharma.com
chat.whatsapp.com
www.blogger.com
v3.fullhdmatch.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
customers.tigertech.net R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
mrfixitstips.co.uk R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
insidesport.in R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://v1.fullhdmatch.live/
Frame ID: 317B241861CDB992ED2A0310C8AAFDF5
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 0D12C85EBE056B0821A71D5E764B637C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1663531070&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663531796256&bpp=3&bdt=544&idt=268&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3242737643578&frm=20&pv=2&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Frame ID: E60E2F49A46766FC9E456CC1FB475C47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1663531070&rafmt=1&psa=0&format=1058x280&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663531796259&bpp=2&bdt=548&idt=287&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dP2y5nLw3x&p=http%3A//v1.fullhdmatch.live&dtd=293
Frame ID: 3ADDCBFED707345A28F7E6F93F090A51
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=2790283832&adf=617641812&pi=t.ma~as.8770876385&w=300&lmt=1663531070&psa=0&format=300x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=553&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XRQd1EL0u8&p=http%3A//v1.fullhdmatch.live&dtd=333
Frame ID: 099B430DE903D1BE7DBBE666B9E8C816
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1663531070&psa=0&format=300x600&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=552&idt=340&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=wTjcdzOoGD&p=http%3A//v1.fullhdmatch.live&dtd=345
Frame ID: DFA66E4F4D125CAC5AE7E1E1534680EB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=695648300&adf=901396254&pi=t.ma~as.8770876385&w=728&lmt=1663531070&psa=0&format=728x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwrattr=true&wgl=1&dt=1663531796265&bpp=1&bdt=553&idt=350&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90%2C300x600&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7CM%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=fNSXr9arQp&p=http%3A//v1.fullhdmatch.live&dtd=352
Frame ID: DA07B8E57CFE4070B73F701784148176
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 05AD3DE71E7D96A742BB1F14A2413152
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 74B942970CD61EF4885E724AC21AC3E5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 531788A0A3FDB3B7BEF56A01F77496D3
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019
Frame ID: 746CAAE744B889A0254AAC6D524A569E
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: 9E352238149418D1148A686B481437AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: B12D89C52F4FFD2269F4C77B444BA58D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: E2BCF0C8FC71102291EA5FCECE71CF60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E34757563D12A675653CA5FB7DF69E0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: 7555B19A5DB5B6E8DEC4DB7010DE800C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DD6A51B684FA81F2772A06E8A28F4F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B196C8ADDE7FFBE3230BDEC7CAC91C80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FullHDMatch.Live | Watch Live Football Match ; Highlights | Watch Full Football Matches

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

94 %
HTTPS

79 %
IPv6

28
Domains

37
Subdomains

34
IPs

7
Countries

2658 kB
Transfer

5885 kB
Size

15
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.me/newtv07
Title: JOIN TELEGRAM

Search URL Search Domain Scan URL

URL: https://www.am2z.com/
Title: Am2z News

Search URL Search Domain Scan URL

URL: https://www.mrjaz.com/
Title: MrJaz

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/
Title: SohaniSharma

Search URL Search Domain Scan URL

URL: https://telegram.me/newtv08
Title: Join us on Telegram

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/CmRzSNpceFm4n5mlG2vpDo
Title: Join Whatsapp Group

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/jdo4sg2mmrghkex6ohoksx
Title: Join Whatsapp Group

Search URL Search Domain Scan URL

URL: https://telegram.me/lightstv
Title: JOIN TELEGRAM

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Con la tecnología de Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Notificar uso inadecuado

Search URL Search Domain Scan URL

URL: http://v3.fullhdmatch.com/
Title: FullHDMatch.Com

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://ljii.github.io/m/m.js HTTP 301
https://ljii.github.io/m/m.js

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 127

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&RedC=c.clarity.ms&MXFR=0B65650D9E886C76104A772E9A88620D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&MUID=1E56E573657F6EAB1581F75064D36F25

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
v1.fullhdmatch.live/ 184 KB
39 KB 532ms
380ms Document
text/html 2a00:1450:400e:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:400e:80f::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99e1e2ff18a9992b927863c125fa1e46f2ff2e1959f0a8fdb7571ed4de5ca771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 39669
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Sep 2022 20:09:55 GMT
ETag: W/"74ecdceffd724e9f688fcf09f261b30b1683c82aa83e3dd4bd28cfeb5ab2874e"
Expires: Sun, 18 Sep 2022 20:09:55 GMT
Last-Modified: Sun, 18 Sep 2022 19:57:50 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 148ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ad6ee324c05459cfc159b68c3425d3f7f510ad05b3c89c904ab8357b25ead2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42338
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Sep 2022 20:09:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 195ms
97ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb8517a5952b702c327dccd457f16ae4ecdd3b738937d04c19c51f7fd10d5c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75258
x-xss-protection: 0
expires: Sun, 18 Sep 2022 20:09:55 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 172ms
75ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
age: 16872106
etag: W/"a28e912c1a41becec7f68848d739d5c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 74ccb8dbf98790b2-FRA
x-amz-request-id: 690K1YJKZW3E92X1
x-amz-id-2: JDWnCILr6aToREGjQmSiOog6xdlmNOhd1ReMP/6txS+7Ba0cOLuCFkeFnGcIGhl1Sz6Q7tNPzfc=

GET
H2 200 d83chgwc9t Show response
www.clarity.ms/tag/ 2 KB
2 KB 280ms
140ms Script
application/x-javascript 2620:1ec:27::cafe:1846
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/d83chgwc9t
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1846 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 23fa80d9f0dc837a0d75bfda66c67f3995b30f2839591902784cf6492eff8e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:55 GMT
x-powered-by: ASP.NET
x-azure-ref: 0FHsnYwAAAADFrge7FdNvS7sBNvXEZVZ/TVVDMzBFREdFMDMxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
content-length: 1733
expires: -1

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 228ms
37ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 18 Sep 2022 20:09:55 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 125ms
87ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23172aeac73f560d438bdbd420482e8ec9abd1f2aed44795f86ee7e9149e95a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 18 Sep 2022 20:09:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 6552747597032827568
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 52120
X-XSS-Protection: 0
Expires: Sun, 18 Sep 2022 20:09:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 202ms
115ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9385a7faf372c2e46cb1aa4bb40cfc481533c846d3611b5649b2b1935e469f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57995
x-xss-protection: 0
server: cafe
etag: 16764492391566668637
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:09:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 141ms
46ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1bf4221afb666d073944447af9e228817065cefcfb273028f5d018cbf7932c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: C1QQBsgS+rW8HeqexNIaBQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: MQvJBlcXZJ9BeqSv7j4l1d/z7zHROJFAtncPkW6uVF3PxoIgZYl+Q1N7mUeLMO21h+rbyuISzBOoZZPJHEhong==
x-fb-trip-id: 720026100
x-fb-content-md5: c154687b002689165748d53528276935
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 20:09:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a49d369bc6205ec655fc9ebfb88857df"
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:15:49 GMT

GET
H2 200 AVvXsEhTbmPn3y_gcOLrV74mmAKLL-FVtw4fLibkON773KoSrRDlRQXtHFGU7yE4HPeJPXL0RVDCHrwU9vVFBr5OrkGNUhZ_fqhPX6cRR8sMyE32QI9vjt7UULmBf2gbiUB2o9KtG5X550cFv1FoaVfs-NayJ114LIP7lJl_LJPzRxRkFL_eSCZ6R1_BHhuiFA=s150
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 288ms
201ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhTbmPn3y_gcOLrV74mmAKLL-FVtw4fLibkON773KoSrRDlRQXtHFGU7yE4HPeJPXL0RVDCHrwU9vVFBr5OrkGNUhZ_fqhPX6cRR8sMyE32QI9vjt7UULmBf2gbiUB2o9KtG5X550cFv1FoaVfs-NayJ114LIP7lJl_LJPzRxRkFL_eSCZ6R1_BHhuiFA=s150

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3db460c0f0d9a415a5d2bbd7f2894e985a7bcc2afd8b00eb6496cc1b713cb962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v14d7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3183
x-xss-protection: 0
expires: Mon, 19 Sep 2022 20:09:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 173ms
87ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8695615805843515

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30bb35526f5650c9ab695a08b448c46f7092086934e3d0e2326940859f31deca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58014
x-xss-protection: 0
server: cafe
etag: 5333352413482503801
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:09:56 GMT

GET
H2

200

m.js Show response
ljii.github.io/m/
Redirect Chain

http://ljii.github.io/m/m.js
https://ljii.github.io/m/m.js

2 KB
1 KB

127ms
42ms

Script
application/javascript

2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ljii.github.io/m/m.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2f12ad3d2b285721274006277aa26fb321c2ee548959e37a06c333c149c240f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id: 9d30c061fe939dba678153c2eb345e77b34b30b6
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"63248ad3-6d4"
age: 580
x-cache: HIT
content-length: 786
x-served-by: cache-ams21048-AMS
access-control-allow-origin: *
last-modified: Fri, 16 Sep 2022 14:40:19 GMT
server: GitHub.com
x-github-request-id: 69A4:B3D4:CB99B9:D2C9C5:63248AE8
x-timer: S1663531796.161668,VS0,VE1
date: Sun, 18 Sep 2022 20:09:56 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 16 Sep 2022 14:50:38 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

Redirect headers

X-Fastly-Request-ID: 743d2f0ee461ff945a1dccb2d36d5acef71aaa8f
Date: Sun, 18 Sep 2022 20:09:56 GMT
Via: 1.1 varnish
Age: 1382
X-Cache: HIT
Connection: keep-alive
Content-Length: 162
X-Served-By: cache-ams21068-AMS
Server: GitHub.com
X-GitHub-Request-Id: 792C:CE98:7B44D2:7FE6CE:632775AD
X-Timer: S1663531796.033786,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/html
Location: https://ljii.github.io/m/m.js
permissions-policy: interest-cohort=()
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 iGz9KiU.gif
i.imgur.com/ 354 B
682 B 122ms
37ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/iGz9KiU.gif

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

61a00380733557bdf076f52f44f08f036131d7529ea14c53580388324e8756e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
age: 25869825
x-cache: HIT, HIT
content-length: 354
x-served-by: cache-bwi5150-BWI, cache-fra19165-FRA
last-modified: Wed, 09 Jun 2021 05:10:31 GMT
server: cat factory 1.0
x-timer: S1663531796.155145,VS0,VE0
etag: "7b1347f6e4e0578727946958819cea8a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 14877

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 133ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 871453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYFx14%2BGleHB3u%2B%2Fk5FifoOEhvg%2B5mCL%2Fktduef0EPdA1wrEmkwWXRlhFMuRHVv2WMUNJ7OP4SFYKlJbNFnQKvN657ewbGgcoZs%2BRF3gn%2BPUyb9HZ8sZt%2FwJFFlOKDzcOPg8Nt0%2F2bJlFidBTRgObeno"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ccb8dd8e839b82-FRA
expires: Fri, 08 Sep 2023 20:09:56 GMT

GET
H/1.1 200
OK cookienotice.js Show response
v1.fullhdmatch.live/js/ 6 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:400e:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.fullhdmatch.live/js/cookienotice.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:400e:80f::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 09:28:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 18 Sep 2022 07:50:15 GMT
Server: sffe
Age: 38484
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sun, 25 Sep 2022 09:28:32 GMT

GET
H2 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:800::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 09:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57039
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 18 Sep 2023 09:23:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4076
date: Sun, 18 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 18 Sep 2022 21:02:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128386009-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

571f3315ae256f0b822d2c0717b0c93d7cb201554c15e3215f2d64f3557551d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75414
x-xss-protection: 0
expires: Sun, 18 Sep 2022 20:09:56 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 127ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TE2HPRNHSJ&gtm=2oe9e0&_p=742913259&cid=1040025389.1663531796&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663531795&sct=1&seg=0&dl=http%3A%2F%2Fv1.fullhdmatch.live%2F&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v1.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 165 KB
165 KB 136ms
56ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 38484
cf-ray: 74ccb8dd9fba9b40-FRA
content-length: 168768
x-amz-id-2: q2IWnn3QFKArynHAv3t2NHjbnpKp7USbm6S2FacjKbXhFi/tHle99FyUWcBgRXoLIbqkJGhzhfo=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: S7Y0QD6P0CAEJ3KM
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 127ms
43ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:02:14 GMT
x-content-type-options: nosniff
age: 385662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:38:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 09:02:14 GMT

GET
H2 200 6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 117ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 07:38:21 GMT
x-content-type-options: nosniff
age: 217895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 16 Sep 2023 07:38:21 GMT

GET
H/1.1 200
OK sprite_v1_6.css.svg
v1.fullhdmatch.live/responsive/ 7 KB
8 KB 43ms
43ms Other
image/svg+xml 2a00:1450:400e:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.fullhdmatch.live/responsive/sprite_v1_6.css.svg

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

HTTP/1.1

Server

2a00:1450:400e:80f::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 09:28:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 18 Sep 2022 07:50:15 GMT
Server: sffe
Age: 38484
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 7658
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sun, 25 Sep 2022 09:28:32 GMT

GET
H2 200 l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/ 18 KB
18 KB 274ms
46ms Font
application/font-woff2 2a02:26f0:11a::6867:4851
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4851 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
server: nginx
etag: "e2418760f00448874f89ae40256bf9d1d180c197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 318 KB
87 KB 98ms
49ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=5b19904b541ff7e5b837fd295799a817

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81b0c1cd77f6f45aafa137202a9c3eee4d4c3a92a1a0445e7e4da747b4f6332a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://v1.fullhdmatch.live/
Origin: http://v1.fullhdmatch.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: opkDy364MqFNlG98rtBTqw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88691
x-fb-rlafr: 0
x-fb-debug: hjl4kXh3I6PVG3cvARqYRg/iiN0Y9QS/lxqnMzI8d7Qd9T+Gi0m85FvFM75ezIJxjhYkVx9CmTVd1/q44pvJBg==
x-fb-content-md5: b2fe9fc8ce966ba797edb08f28f2dc36
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 18 Sep 2022 20:09:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "826c911ed57e9d6bb351c5bd43c53f72"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Sep 2023 19:04:06 GMT

GET json.gp
www.geoplugin.net/ 0
0

GET
H/1.1 200
OK default Show response
v1.fullhdmatch.live/feeds/posts/ 52 KB
6 KB 435ms
434ms XHR
application/json 2a00:1450:400e:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://v1.fullhdmatch.live/feeds/posts/default?alt=json&max-results=9

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:400e:80f::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Blogger Render Server 1.0 /

Resource Hash

eb3d38c69cdf3a4756a8ac6af469292dd027a02c98449b4530e699d39a92d788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://v1.fullhdmatch.live/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 20:09:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 18 Sep 2022 19:57:50 GMT
Server: Blogger Render Server 1.0
Age: 0
ETag: W/"e398acb80f988643455f21db7e33a4b30243431ee7c4a188db5d5abda9079352"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Content-Length: 5233
X-XSS-Protection: 0
Expires: Sun, 18 Sep 2022 20:06:35 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 168ms
93ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v1.fullhdmatch.live

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124738
x-xss-protection: 0
server: cafe
etag: 17679908310944469603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:09:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 0D12 10 KB
5 KB 120ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 18:34:31 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 18:34:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 movistar-laliga.jpg
1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/w220-h146-p-k-no-nu/ 7 KB
8 KB 121ms
38ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/w220-h146-p-k-no-nu/movistar-laliga.jpg

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

271130753c77d2c7d102a6ccae65da76c0f17e1319eb06c6a9306a0d285fe4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:32:31 GMT
x-content-type-options: nosniff
age: 5845
content-disposition: inline;filename="movistar-laliga.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7409
x-xss-protection: 0
server: fife
etag: "v432f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 19 Sep 2022 14:09:02 GMT

GET
H3 200 ANbyha0o6rI_zz-AbxHSG24n6J5qWj-LHkE3jlJhS9oYz4YWaDe88Z6uWIJBDSW6xY8Vg-AA5-fQDK-3vcgheg32GBBkFWABmyugjpjI_krfFC1fnYpX6U6QskkP5Ab36P6o97iW6UmWvuwofsIS=w220-h146-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 10 KB
10 KB 116ms
37ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0o6rI_zz-AbxHSG24n6J5qWj-LHkE3jlJhS9oYz4YWaDe88Z6uWIJBDSW6xY8Vg-AA5-fQDK-3vcgheg32GBBkFWABmyugjpjI_krfFC1fnYpX6U6QskkP5Ab36P6o97iW6UmWvuwofsIS=w220-h146-p-k-no-nu

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

33dbef54fad3c441c3dd762fb63f0b4e31f2652642270bf3bfe8d487aaa31df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:27:17 GMT
x-content-type-options: nosniff
server: fife
age: 2559
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9776
x-xss-protection: 0
expires: Mon, 19 Sep 2022 19:27:17 GMT

GET
H3 200 ANbyha1CkSehvBtqPkdO-YBsDUbqwJ2WkrxePB9QXDBqRWhIiexNTq3UGHvoX23hEgvoi6tjaZZxLa6sG5SpfHmf-ixT_akk7mGQCwhUezpDToAczIC-aaZkOATkRZ-wQj-ZBPnYQSDFTMM=w220-h146-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 22 KB
22 KB 124ms
46ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1CkSehvBtqPkdO-YBsDUbqwJ2WkrxePB9QXDBqRWhIiexNTq3UGHvoX23hEgvoi6tjaZZxLa6sG5SpfHmf-ixT_akk7mGQCwhUezpDToAczIC-aaZkOATkRZ-wQj-ZBPnYQSDFTMM=w220-h146-p-k-no-nu

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5849f4b119d2aaf9332c5eb250a8a27b7ba02ab4e55c6cc6681a8afe1ffdf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:25:28 GMT
x-content-type-options: nosniff
server: fife
age: 2668
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22730
x-xss-protection: 0
expires: Mon, 19 Sep 2022 19:25:28 GMT

GET
H3 200 ANbyha2lAupllE0Y8DwPb6pF0D8s1P954r0RmQFLDyBlE4-PtmJ-Jm9ipEnerl7DUYz4x3dMxAP40iuHtDiG6lwMgefKzVagD4ZtmcTH_PO25LrU1MK9pPJPua9dD7AxOnIWnZ2YnOlejdLLjg1dGmnm=w220-h146-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 17 KB
17 KB 138ms
60ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2lAupllE0Y8DwPb6pF0D8s1P954r0RmQFLDyBlE4-PtmJ-Jm9ipEnerl7DUYz4x3dMxAP40iuHtDiG6lwMgefKzVagD4ZtmcTH_PO25LrU1MK9pPJPua9dD7AxOnIWnZ2YnOlejdLLjg1dGmnm=w220-h146-p-k-no-nu

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

92e312b1e75233467070ff3c19d1a008566cc789e65cdc5656feb06b543758c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17598
x-xss-protection: 0
expires: Mon, 19 Sep 2022 20:09:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 121ms
45ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=742913259&t=pageview&_s=1&dl=http%3A%2F%2Fv1.fullhdmatch.live%2F&ul=en-us&de=UTF-8&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2083300339&gjid=278442728&cid=1040025389.1663531796&tid=UA-128386009-12&_gid=409540405.1663531796&_r=1&gtm=2ou9e0&z=1757865755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://v1.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v1.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 116ms
46ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=742913259&t=pageview&_s=1&dl=http%3A%2F%2Fv1.fullhdmatch.live%2F&ul=en-us&de=UTF-8&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1009985511&gjid=1022901710&cid=1040025389.1663531796&tid=UA-128386009-12&_gid=409540405.1663531796&_r=1&_slc=1&z=1974909811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://v1.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v1.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-f/s/0.6.40/ 54 KB
23 KB 146ms
146ms Script
application/javascript 2620:1ec:27::cafe:1846
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-f/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/d83chgwc9t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1846 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:55 GMT
content-encoding: br
etag: "1d8c7baa5622330"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0FHsnYwAAAACBE9GZuDuaQKwj0Byl2OcyTVVDMzBFREdFMDMxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 143ms
45ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=v1.fullhdmatch.live&callback=_gfp_s_&client=ca-pub-8695615805843515

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8695615805843515&plah=v1.fullhdmatch.live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

85b4d468bc6bac81af12ab7af4aa5dd7c85d31b220aefc46730386b12e56e1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v1.fullhdmatch.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v1.fullhdmatch.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 20:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&tn=DIV&id=fixedbanner&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E60E 300 KB
68 KB 583ms
507ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&adk=1812271804&adf=3025194257&lmt=1663531070&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663531796256&bpp=3&bdt=544&idt=268&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3242737643578&frm=20&pv=2&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71cc47073942229daa4876211024eac98434713ce7169dc7896d098244518904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69621
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:57 GMT
expires: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ADD 106 KB
33 KB 732ms
664ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1663531070&rafmt=1&psa=0&format=1058x280&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663531796259&bpp=2&bdt=548&idt=287&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dP2y5nLw3x&p=http%3A//v1.fullhdmatch.live&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fbb34e0b0934377843d6fa4ca0b9d54d7fcde3f845f223ae2947a62ac4154ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33424
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:57 GMT
expires: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 099B 436 B
238 B 359ms
337ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=2790283832&adf=617641812&pi=t.ma~as.8770876385&w=300&lmt=1663531070&psa=0&format=300x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=553&idt=329&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoenEr%7C&abl=CS&pfx=0&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&xpc=XRQd1EL0u8&p=http%3A//v1.fullhdmatch.live&dtd=333

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cee09a37367f9f7c7774b0a7cf94c5872a3ea2c1bc01f172cd9f2463d0c61ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:56 GMT
expires: Sun, 18 Sep 2022 20:09:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFA6 73 KB
29 KB 465ms
454ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1663531070&psa=0&format=300x600&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=552&idt=340&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=wTjcdzOoGD&p=http%3A//v1.fullhdmatch.live&dtd=345

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4debc1432030dddfbf4cec74807fc57c4815dc123de2de5023cf5a7cfb8d1afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29478
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:57 GMT
expires: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA07 52 KB
12 KB 439ms
437ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=695648300&adf=901396254&pi=t.ma~as.8770876385&w=728&lmt=1663531070&psa=0&format=728x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwrattr=true&wgl=1&dt=1663531796265&bpp=1&bdt=553&idt=350&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90%2C300x600&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7CM%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=fNSXr9arQp&p=http%3A//v1.fullhdmatch.live&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

350ba3a68b0c9570047c44e52b340a14dd6c66f8c17ff85ebf7d8a95e3766f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11921
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:57 GMT
expires: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 movistar-laliga.jpg
1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/s1600/ 33 KB
33 KB 114ms
38ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/s1600/movistar-laliga.jpg

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

784cb3820f7a77fd4194683aa3842c4c16ed9dcb66f651eba33991339ec6ea65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 16:49:20 GMT
x-content-type-options: nosniff
age: 12036
content-disposition: inline;filename="movistar-laliga.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33300
x-xss-protection: 0
server: fife
etag: "v432f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 19 Sep 2022 08:47:07 GMT

GET
H2 200 espn-la-liga.jpg
worldsoccertalk.com/wp-content/uploads/2021/07/ 33 KB
33 KB 1007ms
176ms Image
image/jpeg 2604:4f00:10:8b9b:0:35:739:1
TIGERTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://worldsoccertalk.com/wp-content/uploads/2021/07/espn-la-liga.jpg

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2604:4f00:10:8b9b:0:35:739:1 , United States, ASN47002 (TIGERTECH, US),

Reverse DNS

Software

Apache /

Resource Hash

e9854e16e3b6269893c6df9e03f1ff05d294131e2e0f37174993e99d6d5880ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 29 Jul 2021 23:33:06 GMT
tt-server: t=1663531797578237 D=1577
etag: "83f7-5c84b8668799f"
strict-transport-security: max-age=300
content-type: image/jpeg
cache-control: max-age=31536000
date: Sun, 18 Sep 2022 20:09:57 GMT
accept-ranges: bytes
content-length: 33783
server: Apache
expires: Mon, 18 Sep 2023 20:09:57 GMT

GET
H2 200 real-atletico-1.jpg
assets.khelnow.com/news/uploads/2022/09/ 165 KB
166 KB 135ms
46ms Image
image/jpeg 104.21.40.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.khelnow.com/news/uploads/2022/09/real-atletico-1.jpg
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f01d6d6a4059fe36ff06fa5765b378bd74f326fa441a48cde415e775a714bfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Sep 2022 10:39:28 GMT
server: cloudflare
age: 3997
etag: "6325a3e0-29359"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSjzwRZZaUXExNcDySYQmHLWQWLTnG8XpsMsE%2F9fzR7mPcnvwnaE%2FVnFv1gU4nEdS6iASV85jfbm8qExInadUbquQn1HmoViMulZeTcKvWu0dyo5u5pbLsC%2Bo2LtvCJnniOJ6nY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74ccb8e1c9379bc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 168793

GET
H2 200 MRF2022_LyonvPSG.jpg
mrfixitstips.co.uk/wp-content/uploads/2022/09/ 71 KB
71 KB 230ms
49ms Image
image/jpeg 193.33.186.13
RACKSRV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrfixitstips.co.uk/wp-content/uploads/2022/09/MRF2022_LyonvPSG.jpg
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.33.186.13 , United Kingdom, ASN52148 (RACKSRV, GB),
Reverse DNS: web1.gambla.co.uk
Software: nginx /
Resource Hash: 39a863ee88d492b15aec9562edfe18615bacf28067a9de4d64a8bbd4654b9a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Sun, 18 Sep 2022 20:09:56 GMT
referrer-policy
last-modified: Tue, 13 Sep 2022 09:21:24 GMT
server: nginx
etag: "11c9f-5e88b8944d3bd"
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 72863
expires: Thu, 17 Nov 2022 20:09:56 GMT

GET
H2 200 WhatsApp-Image-2022-09-16-at-5.13.39-AM.jpeg
www.insidesport.in/wp-content/uploads/2022/09/ 64 KB
64 KB 127ms
36ms Image
image/webp 192.0.66.25
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insidesport.in/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-16-at-5.13.39-AM.jpeg?w=690
Requested by: Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ce9bff1452ff831c6c58ad4ab5664ed6d5586c585fa5a2b30afe80cb2d527d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:56 GMT
x-rq: hhn1 109 198 443
last-modified: Fri, 16 Sep 2022 09:02:06 GMT
server: nginx
etag: "ad829effdbdaee6e"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65428
expires: Sat, 16 Sep 2023 09:02:06 GMT

GET
H3 200 movistar-laliga.jpg
1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/w135-h90-p-k-no-nu/ 4 KB
4 KB 115ms
41ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tf1538u1_4c/XXKC-nzzwhI/AAAAAAAAQy4/bnNiDZbx3FQs9t0OHGezjTxlhE-iUr3lACLcBGAs/w135-h90-p-k-no-nu/movistar-laliga.jpg

Requested by

Host: v1.fullhdmatch.live
URL: http://v1.fullhdmatch.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2973860bd7eb587ee150ea3ef89c7ac5ee687a7bb8fbe6713be70eff8a196432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:20:23 GMT
x-content-type-options: nosniff
age: 6573
content-disposition: inline;filename="movistar-laliga.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4326
x-xss-protection: 0
server: fife
etag: "v432f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 19 Sep 2022 12:43:51 GMT

POST
H2 204 collect Show response
n.clarity.ms/ 0
177 B 597ms
277ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://v1.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://v1.fullhdmatch.live
date: Sun, 18 Sep 2022 20:09:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208242209000/ Frame DA07 220 KB
61 KB 167ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=695648300&adf=901396254&pi=t.ma~as.8770876385&w=728&lmt=1663531070&psa=0&format=728x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwrattr=true&wgl=1&dt=1663531796265&bpp=1&bdt=553&idt=350&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90%2C300x600&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7CM%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=fNSXr9arQp&p=http%3A//v1.fullhdmatch.live&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61572
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3316a1477ddceef"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame DA07 14 KB
5 KB 230ms
100ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "29c50428a02dcb23"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame DA07 94 KB
28 KB 232ms
107ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28820
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d86c26a7f6daf516"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame DA07 5 KB
2 KB 246ms
120ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1907
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f652edf411126f67"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame DA07 40 KB
13 KB 247ms
121ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1a39bbdc45509c4d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:18 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012208242209000/v0/ Frame DA07 6 KB
2 KB 253ms
127ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce302760c9165399e108bb066aee20128ed32555c0201b8b240a9342a61b9847

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2443
x-xss-protection: 0
server: sffe
date: Thu, 15 Sep 2022 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22fb75b9aa585a43"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Sep 2023 09:51:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA07 43 KB
2 KB 159ms
59ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:28:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA07 3 KB
3 KB 174ms
91ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 01:00:14 GMT
x-content-type-options: nosniff
server: cafe
age: 68983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 15820072736840818134
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
expires: Mon, 19 Sep 2022 01:00:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA07 295 B
424 B 133ms
50ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 09:51:18 GMT
x-content-type-options: nosniff
server: cafe
age: 37119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 19 Sep 2022 09:51:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DA07 0
21 B 90ms
89ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNU0NFHsnY6qwK_i9zLUP2521yAb50PnHaqujmfKvD-PyoNyWLxABIOeiwktglbqJgpgHoAGKwPz3AsgBCakCQyYB0hDOsD6oAwHIAwiqBOABT9CqKn92lHZfMip8ApkBopLXAUj1QIFUVWlG-1LRWpi-O4JrZtTFvSp2RvzVk2cxqv3BAeLLkONRtszdhVyn06DALOx12yPljs4Q8E5_55-VSsUZU5_UUpgfJPhM99eu7b-ONMV8E0wQEZ6b2xRBYRGFP3yONUQN83RWbpVZUTj_grwdH9ahoDtcTpYSlQg9rJxi_FUi5jikNcULT6q4xmeEanRVASNmgCcrnxtzJ5xxEKkO0EwmLjRUpEe52bQYODajy8puMYGHaMNwSV0kHSiChx8wrGkeee7Cwlqlg4HABMWEsKPvA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfev4OIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPlz0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODY5NTYxNTgwNTg0MzUxNRgA&sigh=vXOCcwr3zlU&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=90&slotname=8770876385&adk=695648300&adf=901396254&pi=t.ma~as.8770876385&w=728&lmt=1663531070&psa=0&format=728x90&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwrattr=true&wgl=1&dt=1663531796265&bpp=1&bdt=553&idt=350&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90%2C300x600&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7CM%7CfeE%7C&abl=NF&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=fNSXr9arQp&p=http%3A//v1.fullhdmatch.live&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 12524491037668340022
tpc.googlesyndication.com/simgad/ Frame DFA6 14 KB
14 KB 123ms
52ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12524491037668340022?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3Em3avfTZ-ikQq_F6swOYe2ZuvA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1663531070&psa=0&format=300x600&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=552&idt=340&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=wTjcdzOoGD&p=http%3A//v1.fullhdmatch.live&dtd=345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ffb38b7fb160d89c551f2045ff9890f70268ef268dbb39c0603cf43713990c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:49:01 GMT
x-content-type-options: nosniff
age: 386456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 17:05:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 08:49:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFA6 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8eEUFHsnY9nsK8rdhQbNrZPYDMnf1e9qsamYm48QwrORmJ8jEAEg56LCS2CVuomCmAegAfGaoNAByAECqAMByAPJBKoE3AFP0PYHFr9nV4Ma-YK2Si98Wz_M-MQS0P_czR0oSV0pm8ak_ooIDf2YLS3ePsdHNOM66_mnxM0zKpERAdCF0pG6m-Sey55Tj3eHQqxGxAfOwCd_6R_BAbRNshjkV8wPf9WhJJglbsVE043rj8PIgl66B56aj76AoE3Rw8Y3RcaI1TTevU_yWfwTSWidF_UE1OMAfGN0I0Y_E_P89R7m3-PMi2XrwycFpKratmg9nMG1tuc199fT3C25PLqHow8TGqRVfWgFMXhBvL-tSfoiPY_8ydzsc0X0C0I3SiwDwASTotrrkwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCijQPSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04Njk1NjE1ODA1ODQzNTE1GAA&sigh=hOBD_CQ8y7w&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1663531070&psa=0&format=300x600&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=552&idt=340&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=wTjcdzOoGD&p=http%3A//v1.fullhdmatch.live&dtd=345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame DFA6 23 KB
10 KB 102ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:06:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DFA6 3 KB
1 KB 115ms
52ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:02:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DFA6 17 KB
7 KB 107ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA6 141 KB
44 KB 144ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame DFA6 32 KB
13 KB 142ms
80ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1960e96dffec2f85eb5815b99af79f54998d8cecb7272b033e4ca7c3f008a03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13561
x-xss-protection: 0
server: cafe
etag: 2350513669966983282
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:42:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60d2947d13d6218ad3e42dc1e5678e1aff3bd06ef67e0a38959a78f8f75339cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54569
x-xss-protection: 0
server: cafe
etag: 13393702225675044411
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 05AD 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=600&slotname=4932437216&adk=145586122&adf=507318885&pi=t.ma~as.4932437216&w=300&lmt=1663531070&psa=0&format=300x600&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1663531796264&bpp=1&bdt=552&idt=340&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C300x90&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1029&ady=829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=wTjcdzOoGD&p=http%3A//v1.fullhdmatch.live&dtd=345
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 19:11:29 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DFA6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f98d1c99cb46e2ed6bf2c3e09cfa4db1c69971c3569bbe6a296fcaeb533fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DA07 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e7062d9de7e67dbfac33df706d9f37ff098e9881954cf83800ec35bb12e8b68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame DA07 12 KB
12 KB 114ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:22:46 GMT
x-content-type-options: nosniff
age: 532031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:22:46 GMT

GET
H3 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame DA07 13 KB
13 KB 124ms
49ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 526920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 17:47:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 05AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

54ms
53ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:57 GMT
expires: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 20:09:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v1.fullhdmatch.live

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v1.fullhdmatch.live

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/ Frame 74B9 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 06:41:31 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 06:41:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/ Frame 5317 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 06:41:31 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 06:41:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3ADD 3 KB
601 B 149ms
60ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1663531070&rafmt=1&psa=0&format=1058x280&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663531796259&bpp=2&bdt=548&idt=287&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dP2y5nLw3x&p=http%3A//v1.fullhdmatch.live&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:06:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 3ADD 2 KB
902 B 119ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:50:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 3ADD 23 KB
9 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:02:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 3ADD 3 KB
1 KB 93ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:40:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 3ADD 17 KB
7 KB 125ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ADD 141 KB
44 KB 127ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 3ADD 33 KB
14 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3ADD 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFu83FHsnY7a2K6j4zLUP1sK9kAKYsuH5aMHA7MGoDP_Ror3AARABIOeiwktglbqJgpgHoAGwuqHXA8gBCakCQyYB0hDOsD6oAwHIA8sEqgTWAU_QgZBY1T7WTX_36XE_Vrt4AKJt5EPm4b4TqXaAee5YQXNE1VB2mkgQDSXm5JyF4R7pDRpOIh0jzaABwTgXQV0-TvplaqHvPrQS7JIIGA7Kvmkt_v_TxvSh-EE3Ce1Aw8aU3CLwUSpyh-Gyzug_wrlrOfsivUrcf1JR52EiMbTJhNI0mQhJueNc85zR_IDW-YVz8Nsz-pLJA-3X_D_nSS3B4IgeD9OoGep3xYzIqo3Ll5W0egBxDL0-IgyC2i0eYKfrPKYiovCrHVvoifVJmOn3MWY4zQrABPnh4sqOA5IFBAgEGAGSBQQIBRgEoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEO3zA9IIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTg2OTU2MTU4MDU4NDM1MTUYAA&sigh=JaiKen7HUEI&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8695615805843515&output=html&h=280&slotname=6901856940&adk=2242244602&adf=2029293275&pi=t.ma~as.6901856940&w=1058&fwrn=4&fwrnh=100&lmt=1663531070&rafmt=1&psa=0&format=1058x280&url=http%3A%2F%2Fv1.fullhdmatch.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1663531796259&bpp=2&bdt=548&idt=287&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3242737643578&frm=20&pv=1&ga_vid=1040025389.1663531796&ga_sid=1663531797&ga_hid=742913259&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C31067825&oid=2&pvsid=2796152882658049&tmod=369465927&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=dP2y5nLw3x&p=http%3A//v1.fullhdmatch.live&dtd=293
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Sep 2022 20:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 15513596651832140874_11361403871243500124.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3ADD 83 KB
84 KB 127ms
41ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15513596651832140874_11361403871243500124.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcd3ea17cbf6c1c1e8b723ac4013c9f23c5ec57085b27a38b3ac59f401890591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:29:06 GMT
x-content-type-options: nosniff
age: 211251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84958
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:33:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:29:06 GMT

GET
H2 200 12387699964291798256_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3ADD 71 KB
71 KB 193ms
107ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/12387699964291798256_9146618617033836075.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:28 GMT
x-content-type-options: nosniff
age: 211529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:37:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:28 GMT

GET
H2 200 9676695055424535805_9186565913604646649.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3ADD 89 KB
89 KB 167ms
82ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/9676695055424535805_9186565913604646649.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:24:57 GMT
x-content-type-options: nosniff
age: 211500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91035
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 07:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 09:24:57 GMT

GET
H3 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame 3ADD 18 KB
18 KB 66ms
51ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:33:44 GMT
x-content-type-options: nosniff
age: 344173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 20:33:44 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 3ADD
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

38ms
38ms

Image
image/png

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 444713
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 16:38:04 GMT

Redirect headers

date: Sun, 18 Sep 2022 19:03:04 GMT
x-content-type-options: nosniff
server: cafe
age: 4013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 19:03:04 GMT

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012208242209000/ 23 KB
8 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208242209000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa0aeaa1c8cdb17cba5fffd620642edad90c30336c7fd99edf0d30b0e8bb8ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7859
x-xss-protection: 0
server: sffe
date: Tue, 13 Sep 2022 19:18:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9f978466ec83a2ff"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Sep 2023 19:18:19 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 74B9 4 KB
636 B 58ms
58ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 18:55:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 74B9 205 B
518 B 51ms
45ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:50:36 GMT
x-content-type-options: nosniff
age: 1161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Sep 2023 19:50:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 74B9 604 B
695 B 51ms
46ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 16:47:57 GMT
x-content-type-options: nosniff
age: 12120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Sep 2023 16:47:57 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 74B9 19 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:03:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12420716543898108158
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:03:09 GMT

GET
H2 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame 5317 10 KB
4 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H2 200 2e4af17640cb32bc996b7903b1b5a7cb.js Show response
www.gstatic.com/mysidia/ Frame 5317 19 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 00:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 00:28:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5317 3 KB
601 B 59ms
59ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:03:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5317 2 KB
902 B 41ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:50:54 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 5317 6 KB
2 KB 80ms
75ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 16:51:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 5317 23 KB
9 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:02:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5317 3 KB
1 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:40:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 5317 17 KB
7 KB 47ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5317 141 KB
44 KB 64ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 5317 33 KB
13 KB 68ms
64ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
DATA 200
OK truncated
/ Frame 3ADD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca94478ca0723256684f18d88ad73ab863aa0387796b03fa3096a807181a8e32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame 746C 10 KB
4 KB 122ms
45ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 15:06:41 GMT

GET
H3 200 2e4af17640cb32bc996b7903b1b5a7cb.js Show response
www.gstatic.com/mysidia/ Frame 746C 19 KB
8 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 00:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 00:28:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 746C 8 KB
893 B 60ms
59ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:00:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 18 Sep 2022 20:09:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 746C 2 KB
902 B 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:50:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:50:54 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 746C 6 KB
2 KB 117ms
44ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 16:51:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 746C 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 20:02:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 746C 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:40:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 746C 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 19:54:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 746C 141 KB
44 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 20:09:57 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 746C 33 KB
13 KB 111ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E35 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 19:36:18 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3ADD 20 KB
20 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:51:39 GMT
x-content-type-options: nosniff
age: 382698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 09:51:39 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3ADD 21 KB
21 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 22:44:30 GMT
x-content-type-options: nosniff
age: 422727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 22:44:30 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame B12D 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 19:36:18 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame E2BC 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 19:36:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5317 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAA5QDAECg0QAyEAAACamdF1QDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAPEAwBAoNEBAhAAAAAABwskAwBAoNEBEhAAAAAAAO1EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAmpmBd0AwBAoNEBQhAAAAAEDo1EAwBAoNEBUhAAAAAAAAJEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAAADwd0AwBAoNEDIhAAAAADAz0z8wBAoNEDMhAAAAADAz0z8wBAoNEDQhAAAAADAz0z8wBAoNEDUhAAAAADAz0z8wBAoNEDYhAAAAADAz0z8wBAoNEDchAAAAADAz0z8wBAoNEDghAAAAAJmZBUAwBAoNEDkhAAAAkJmZQ0AwBAoNEDohAAAA0MxMREAwBAoNEDshAAAAMjNzd0AwBAoNEDwhAAAAMjNzd0AwBAoNED0hAAAAmpmBd0AwBAoNED4hAAAAmpmBd0AwBAoNED8hAAAAMjODd0AwBAoNEEAhAAAAmpkBeEAwBBIaQ0p1SHdPNlNuX29DRlU1VUZRZ2QxeUVGNEEiCWdwYS9tb250ZSgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E34 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 19:11:29 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect Show response
n.clarity.ms/ 0
25 B 126ms
125ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://v1.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://v1.fullhdmatch.live
date: Sun, 18 Sep 2022 20:09:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 746C 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAQQDAECg0QAyEAAABkZiZmQDAECg0QDSEAAAAAAAAAADAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAGEAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAAAO1EAwBAoNEBIhAAAAAAAAHEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAZGZ2aEAwBBIaQ0pxSHdPNlNuX29DRlU1VUZRZ2QxeUVGNEEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&RedC=c.clarity.ms&MXFR=0B65650D9E886C76104A772E9A88620D
https://c.clarity.ms/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&MUID=1E56E573657F6EAB1581F75064D36F25

42 B
369 B

55ms
55ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&MUID=1E56E573657F6EAB1581F75064D36F25
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:57 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4445B5774F064E068051B963AD05B799 Ref B: FRA31EDGE0710 Ref C: 2022-09-18T20:09:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=AD98EDCE8FD64E108C1519D2FB90B767&MUID=1E56E573657F6EAB1581F75064D36F25
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 164ms
85ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d33791eed9d501591182e0c07bf27c07ce80819cd50e45b7aa0b48c83c8c2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Sep 2022 20:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 746C 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAgKDVQDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAADMzCRzQDAEEhpDSnFId082U25fb0NGVTVVRlFnZDF5RUY0QSIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2e4af17640cb32bc996b7903b1b5a7cb.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:58 GMT
expires: Sun, 18 Sep 2022 20:09:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 7555 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 19:36:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 18 Sep 2022 20:09:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DD6 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 19:36:17 GMT
expires: Mon, 18 Sep 2023 19:36:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B196 783 B
533 B 48ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18b9cc12a133112794e4c684d27e6f5bd56672a7f798cf9df38ae42ec399d81a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DCaaRiFf2eJJTBhLt9Pxng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://v1.fullhdmatch.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-DCaaRiFf2eJJTBhLt9Pxng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 20:09:58 GMT
expires: Sun, 18 Sep 2022 20:09:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DD6 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 19:36:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B196 0
0 70ms
70ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2796152882658049&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8DD6 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7wJMbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 20:09:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DA07 42 B
64 B 74ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0a_yFxyaNTV7FoBIeJy5-KNrIWwpwHseg5z4F52b9Hgh9zsy7_Spx3FhNggWirxtT-My-LfKZKlkBXTpwpZ6HYjNUmbMiqwseWonYnIftHNrswHeBsjPdVHudIu6Srq-129eWEg&sai=AMfl-YSwkrhLKulMJJ4ed9diQZ4ao-uoGtfQGSqJlO8DPRm1cVVQ67_kX6BaokVkHAFlDZKum-MbG3W_MKWM&sig=Cg0ArKJSzNW32MTrss-JEAE&id=ampim&o=436,1105&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=966&tls=1966&g=100&h=100&tt=1967&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3ADD 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF0raHwh8hYKPlKVjF0pFhVzT3RFe216UD7_T9T2Tas2buLoM_h2-NAA0sDQPs3LPhsX-NxopFPCbgJPqm8uIHogT_34i6DhwHfLJBtPWdl6CtEfcOar1UIBZB8rYFbtekl7PbYw&sai=AMfl-YSqPAzMuQcSOAbPHw3to9gOXUSa-c82f_HDSkuVMnLJoET0OeQ-rlMo3QFZ0JywOCqxJPI3nxFfBJY-&sig=Cg0ArKJSzEUe8fa5fvIYEAE&id=lidar2&mcvt=1000&p=0,0,280,1058&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2242244602&rs=2&la=1&cr=0&vs=4&r=v&rst=1663531796553&rpt=1135&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2796152882658049&bg=!gYKlgsbNAAZqQh0mSkI7ACkAdvg8WtXONmeKh-cj2Jk5YT3FtY7E8NAn9la0Vq3viqNRz7U1-vbCRAIAAAB1UgAAAAJoAQcKAKJShoUugl93kqR-wg_KVaUwQtoiQQcTIVhpFVnXZiH15uKTeVZh2YQD66Lp4ExCQOiT_cRZtbReaXrBx4jcDdws7CdnDl4h0fVT5LoSr5n6brrGe8aBu9D3FfFvAGIzJNC4ukBZq-_O07LtP4npLbKfXpRnCXf8q10Y0r5Z3G2UTMEdxaHHHIBWgsfHxxUpRMHwu4wIjhPhhpfrpEnbWghnKUaZArDee_oJy9BGd-c_O2OAr5pWcGQW25BMd-HlSMQzFI1ItvTYdsh1oHe6aqzZMY7lZz_HNGr1m_oOc9Zje0z71PGRclSTnQYex-ugXs2JCpvbWd6-vW0pXTt-_dRG98zJKP3MeGszhN9D1gH7oNkVTBqcQMSUPtaDfxegZdvD3G6EDjLh5LPxHcij2GIBAzbDwU6bnIjCePXMeta2wFveF3yyD1KvD2sMHBwfgeO-NTUUpK5yPCiGxG_ivPe1wGBaRW2cmPaLdWkObrj5-_qRYoh1fWqDTrcV9lCiSv7gjxzVhl5sM9eZ3VLHVd9Qg7H8lAYKA3uMRxSRu8a8pnDkGTJalsjgCHmZaS7Cc1A1jmgjjUgqzODp93xPYbHhArnWXylUb7dZmjzXk5ivVFy4a1bl3vqjd-QPRzoAl_qieVjidKl3L6W2aqEoqw_AQSgPCu7IwFEKDw87CzstsrLv_xd-5vOt-vXquaJnOgMjxuAJ0egDnVfXTsMbf6lFWsl_hpT5OYpHVZTCXjV81w2ry9ueJAbKJUR4Ns4AT_X9FOzXs56wx8EMHJLVSqbDlBf2fnojriMOIMBan5PUUKesbg2r4O8CxMLrW21hGnBkDy8sxerJNfc4iLDfMbxhPoJRBzigpTTl5LuL5wnFjDwl-UwVamjtCbXZ4Dhkbm2m5_IWgz4S4lj-M5lNw7MlRavbqZifbE_oJj7EmQaO559L-w4UfQIvtmk-9KDdgMxPU6bZU8IH3gQWvbydtWEm1Qx24N8QleM6kKG6QpHEKGF5mzyOkvd3QnbBnmJRHwMjcUqc_hiii4EvQdXcuQ3Y9i2LCu5FwU0trmC2n-Menb6upWUUagwV9NcZAumWmadbievPobBkdoOgU3aVzsfF5gytIyTfsZ8X0dyrqu4bhaEeScNc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

POST
H2 204 collect Show response
n.clarity.ms/ 0
48 B 125ms
124ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://v1.fullhdmatch.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: http://v1.fullhdmatch.live
date: Sun, 18 Sep 2022 20:09:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 121ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TE2HPRNHSJ&gtm=2oe9e0&_p=742913259&cid=1040025389.1663531796&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663531795&sct=1&seg=0&dl=http%3A%2F%2Fv1.fullhdmatch.live%2F&dt=FullHDMatch.Live%20%7C%20Watch%20Live%20Football%20Match%20%3B%20Highlights%20%7C%20Watch%20Full%20Football%20Matches&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE2HPRNHSJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://v1.fullhdmatch.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Sep 2022 20:10:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://v1.fullhdmatch.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.geoplugin.net
URL: http://www.geoplugin.net/json.gp

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fullhdmatch.live/	1970-01-20 15:41:31	Name: _ga_TE2HPRNHSJ Value: GS1.1.1663531795.1.0.1663531795.0.0.0
www.clarity.ms/	1970-01-20 14:51:07	Name: CLID Value: 95ccd6ce5b284cf0a6c04613dc38acfd.20220918.20230918
.fullhdmatch.live/	1970-01-20 15:41:31	Name: _ga Value: GA1.2.1040025389.1663531796
.fullhdmatch.live/	1970-01-20 06:06:58	Name: _gid Value: GA1.2.409540405.1663531796
.fullhdmatch.live/	1970-01-20 06:05:31	Name: _gat_gtag_UA_128386009_12 Value: 1
.fullhdmatch.live/	1970-01-20 06:05:31	Name: _gat_blogger Value: 1
.fullhdmatch.live/	1970-01-20 14:51:07	Name: _clck Value: 25jwzm\|1\|f4z\|0
.fullhdmatch.live/	1970-01-20 15:27:07	Name: __gads Value: ID=d8754a9e152d0031-2294f80a27ce0005:T=1663531796:RT=1663531796:S=ALNI_MYgvbOUhRp2-f-9GX1mr0fkhoSrOw
.doubleclick.net/	1970-01-20 15:27:07	Name: IDE Value: AHWqTUmxDpi_Md-C7SIxb_0T7PrfTxFnuVndneDLWhtzI7zfvjnoErxGsb-t5Ao-gN4
.fullhdmatch.live/	1970-01-20 06:06:58	Name: _clsk Value: pemfpa\|1663531797298\|1\|1\|n.clarity.ms/collect
.doubleclick.net/	1970-01-20 06:05:35	Name: DSID Value: NO_DATA
.c.bing.com/	1970-01-20 15:27:07	Name: SRM_B Value: 1E56E573657F6EAB1581F75064D36F25
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:27:07	Name: MUID Value: 1E56E573657F6EAB1581F75064D36F25
.c.clarity.ms/	1970-01-20 06:05:32	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://v1.fullhdmatch.live/ Message: Access to fetch at 'http://www.geoplugin.net/json.gp' from origin 'http://v1.fullhdmatch.live' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: http://www.geoplugin.net/json.gp Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-8695615805843515&fa=2&ifi=7&uci=a!7&btvi=1&xpc=o45cubAKQe&p=http%3A//v1.fullhdmatch.live Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
assets.khelnow.com
blogger.googleusercontent.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
lh3.googleusercontent.com
ljii.github.io
mrfixitstips.co.uk
n.clarity.ms
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
pro.fontawesome.com
region1.google-analytics.com
static.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
v1.fullhdmatch.live
worldsoccertalk.com
www.blogger.com
www.clarity.ms
www.geoplugin.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.insidesport.in
www.geoplugin.net
104.21.40.195
142.250.185.226
151.101.12.193
192.0.66.25
193.33.186.13
20.234.93.27
2001:4860:4802:32::36
2001:4860:4802:34::178
2604:4f00:10:8b9b:0:35:739:1
2606:4700::6811:190e
2606:4700::6812:1734
2606:50c0:8003::153
2620:1ec:27::cafe:1846
2620:1ec:c11::200
2a00:1450:4001:800::2009
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400a:808::200a
2a00:1450:400e:80f::2013
2a02:26f0:11a::6867:4851
2a02:26f0:3500:16::215:1495
2a03:2880:f007:8:face:b00c:0:1
52.184.204.244
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b9cc12a133112794e4c684d27e6f5bd56672a7f798cf9df38ae42ec399d81a
1960e96dffec2f85eb5815b99af79f54998d8cecb7272b033e4ca7c3f008a03a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
23172aeac73f560d438bdbd420482e8ec9abd1f2aed44795f86ee7e9149e95a9
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
23fa80d9f0dc837a0d75bfda66c67f3995b30f2839591902784cf6492eff8e7c
271130753c77d2c7d102a6ccae65da76c0f17e1319eb06c6a9306a0d285fe4f9
2973860bd7eb587ee150ea3ef89c7ac5ee687a7bb8fbe6713be70eff8a196432
2f12ad3d2b285721274006277aa26fb321c2ee548959e37a06c333c149c240f1
30bb35526f5650c9ab695a08b448c46f7092086934e3d0e2326940859f31deca
33dbef54fad3c441c3dd762fb63f0b4e31f2652642270bf3bfe8d487aaa31df3
350ba3a68b0c9570047c44e52b340a14dd6c66f8c17ff85ebf7d8a95e3766f7d
357abec0133efb2d00e08db6666c4e89b04f8fdc96b3eea43bde026e2fa78075
39a863ee88d492b15aec9562edfe18615bacf28067a9de4d64a8bbd4654b9a68
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
3db460c0f0d9a415a5d2bbd7f2894e985a7bcc2afd8b00eb6496cc1b713cb962
3f01d6d6a4059fe36ff06fa5765b378bd74f326fa441a48cde415e775a714bfd
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4aa0aeaa1c8cdb17cba5fffd620642edad90c30336c7fd99edf0d30b0e8bb8ec
4ad6ee324c05459cfc159b68c3425d3f7f510ad05b3c89c904ab8357b25ead2a
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d33791eed9d501591182e0c07bf27c07ce80819cd50e45b7aa0b48c83c8c2d9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4debc1432030dddfbf4cec74807fc57c4815dc123de2de5023cf5a7cfb8d1afa
4e7062d9de7e67dbfac33df706d9f37ff098e9881954cf83800ec35bb12e8b68
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571f3315ae256f0b822d2c0717b0c93d7cb201554c15e3215f2d64f3557551d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60d2947d13d6218ad3e42dc1e5678e1aff3bd06ef67e0a38959a78f8f75339cb
61a00380733557bdf076f52f44f08f036131d7529ea14c53580388324e8756e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fbb34e0b0934377843d6fa4ca0b9d54d7fcde3f845f223ae2947a62ac4154ca
6ffb38b7fb160d89c551f2045ff9890f70268ef268dbb39c0603cf43713990c9
71cc47073942229daa4876211024eac98434713ce7169dc7896d098244518904
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
784cb3820f7a77fd4194683aa3842c4c16ed9dcb66f651eba33991339ec6ea65
7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb
7d2cdc33a01967787075c67728204819a1c4b23d621bdeb44727fa612a25d585
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81b0c1cd77f6f45aafa137202a9c3eee4d4c3a92a1a0445e7e4da747b4f6332a
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
85b4d468bc6bac81af12ab7af4aa5dd7c85d31b220aefc46730386b12e56e1b8
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92e312b1e75233467070ff3c19d1a008566cc789e65cdc5656feb06b543758c3
9385a7faf372c2e46cb1aa4bb40cfc481533c846d3611b5649b2b1935e469f55
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e1e2ff18a9992b927863c125fa1e46f2ff2e1959f0a8fdb7571ed4de5ca771
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b5849f4b119d2aaf9332c5eb250a8a27b7ba02ab4e55c6cc6681a8afe1ffdf13
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bcd3ea17cbf6c1c1e8b723ac4013c9f23c5ec57085b27a38b3ac59f401890591
c0f98d1c99cb46e2ed6bf2c3e09cfa4db1c69971c3569bbe6a296fcaeb533fc2
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca94478ca0723256684f18d88ad73ab863aa0387796b03fa3096a807181a8e32
cb8517a5952b702c327dccd457f16ae4ecdd3b738937d04c19c51f7fd10d5c1f
ce302760c9165399e108bb066aee20128ed32555c0201b8b240a9342a61b9847
ce9bff1452ff831c6c58ad4ab5664ed6d5586c585fa5a2b30afe80cb2d527d15
cee09a37367f9f7c7774b0a7cf94c5872a3ea2c1bc01f172cd9f2463d0c61ca0
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
d1bf4221afb666d073944447af9e228817065cefcfb273028f5d018cbf7932c4
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9854e16e3b6269893c6df9e03f1ff05d294131e2e0f37174993e99d6d5880ec
eb3d38c69cdf3a4756a8ac6af469292dd027a02c98449b4530e699d39a92d788
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

v1.fullhdmatch.live Open in urlscan Pro 2a00:1450:400e:80f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

94 %HTTPS

79 %IPv6

28 Domains

37 Subdomains

34 IPs

7 Countries

2658 kBTransfer

5885 kBSize

15 Cookies

12 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

v1.fullhdmatch.live Open in urlscan Pro
2a00:1450:400e:80f::2013 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

94 %
HTTPS

79 %
IPv6

28
Domains

37
Subdomains

34
IPs

7
Countries

2658 kB
Transfer

5885 kB
Size

15
Cookies

141 HTTP transactions
3 data transactions