kooora-lives.com Open in urlscan Pro
2606:4700:3037::6815:3541 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Submission: On August 19 via api (August 19th 2023, 7:39:41 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 44 IPs in 10 countries across 46 domains to perform 224 HTTP transactions. The main IP is 2606:4700:3037::6815:3541, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora-lives.com.
TLS certificate: Issued by GTS CA 1P5 on July 3rd 2023. Valid for: 3 months.

This is the only time kooora-lives.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3037::6815:3541	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.156.2.55 108.156.2.55	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:237... 2600:9000:237d:8e00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	54.72.84.52 54.72.84.52	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	158.69.254.144 158.69.254.144	16276 (OVH) (OVH)
29	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:5341:747:cc9:c512	16509 (AMAZON-02) (AMAZON-02)
4 28	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	54.247.148.218 54.247.148.218	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	130.35.192.4 130.35.192.4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	34.231.66.47 34.231.66.47	14618 (AMAZON-AES) (AMAZON-AES)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4 4	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.122.33.96 3.122.33.96	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.156.56.202 35.156.56.202	16509 (AMAZON-02) (AMAZON-02)
224	44

15 2606:4700:3037::6815:3541 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora-lives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-55.mxp63.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8e00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.84.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:1b::1724:a39e (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:5341:747:cc9:c512 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.186.162 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.148.218 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-148-218.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.35.192.4 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.66.47 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-66-47.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.33.96 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.56.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-56-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	577 KB
54	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261	367 KB
27	demand.supply live.demand.supply — Cisco Umbrella Rank: 39911	43 KB
15	kooora-lives.com kooora-lives.com	317 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	118 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	555 B
5	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1964 ams3-ib.adnxs.com — Cisco Umbrella Rank: 7048	30 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 68	6 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225 Failed	282 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1550	901 B
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1080 r.turn.com — Cisco Umbrella Rank: 4432	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 720	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 396	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	5 KB
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1015	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 2338	7 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1013 id5-sync.com — Cisco Umbrella Rank: 440	27 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1136	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1025 s.tribalfusion.com — Cisco Umbrella Rank: 2306	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 984	675 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5227	651 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11601 s4.histats.com — Cisco Umbrella Rank: 11470	5 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1073 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036	12 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 372	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	719 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1279	732 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3533	104 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2445	173 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1549	709 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11813	287 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856	583 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5105	617 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 14427	860 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 15670	517 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 5457	134 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2456	199 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4977	33 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1341	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 710	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	1 KB
224	46

	Domain	Requested by
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com kooora-lives.com ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
28	cm.g.doubleclick.net	4 redirects ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
27	live.demand.supply	kooora-lives.com live.demand.supply client
26	pagead2.googlesyndication.com	kooora-lives.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	securepubads.g.doubleclick.net	1 redirects live.demand.supply securepubads.g.doubleclick.net kooora-lives.com ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
15	kooora-lives.com	kooora-lives.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	www.google.com	2 redirects tpc.googlesyndication.com ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	www.googleadservices.com
5	www.gstatic.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	www.bing.com	2 redirects ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects
4	c1.adform.net	4 redirects
4	match.adsrvr.org	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	ams3-ib.adnxs.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com cdn.adnxs.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	onetag-sys.com	2 redirects
2	d5p.de17a.com	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	id5-sync.com	cdn.id5-sync.com
2	gum.criteo.com	1 redirects static.criteo.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.inmobi.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	fksnk.com	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	im.bluevoox.com	1 redirects
1	cs.chocolateplatform.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
1	match.360yield.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
1	cdn.adnxs.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
1	adsdk.microsoft.com	ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	kooora-lives.com
1	mug.criteo.com	kooora-lives.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
224	59

This site contains links to these domains. Also see Links.

Domain
kooora4lives.io
fal3arda-new.com
en.yalla-shoot-matches.com
livekoora-tv.com
koooralive.net
www.facebook.com
twitter.com
web.whatsapp.com
api.whatsapp.com
t.me
shoot-yalla.net
kooora-shoot.com
kooora4ever.com
kooora4lives.tv
go.yalla-shoot-matches.com
kooralive-tv.net
livesoccertv.tv
soccer-stream.tv
livehd7-tv.com
egylive-tv.com
korastar-tv.net
yallalive-tv.net
sulvo.com

Subject Issuer	Validity	Valid
kooora-lives.com GTS CA 1P5	`2023-07-03` - `2023-10-01`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Frame ID: 89F1795762BC98B88031EA1209E73446
Requests: 82 HTTP requests in this frame

Frame: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38797D61923223A30ECDF3F317AD7F0E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora-lives.com
Frame ID: 91713B8C26FB0255608077155E75E940
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 4FD3E17A082A18ABA418EB9E78D3EB63
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwUjZYpayACnTI0g2eNfbKmWzC7wZIOlF-VqWwm7yXgwxgV2dNSh247mRJanVZTNlKC6DX4RWhlZpxQfiFQ5ZSHMqqMaKXzNMIDX04mR3gIDNGQ18ifNdDAKb6pUCzn6u3yiug2B8dx2i4a6aQZ1Rr4ZElYtQmeOOTwYZDOAadR0lJIIQHF2EKX7K-t0-BfvqqAHS3peEbW8mt22pmAXrtVLQctOvW9p6JM40BdOUzWjAzxNQ_nCawobHgRXY6Ezjkg4lCI2ZDjh2MngPuq3eyUoF9eTSMmI3OZXQ4Nhsxb7dJi1RYX0aKwv4bATX2pjq7k3pKasRjJRwwwEyBh7rw-5ebN31CZ8NDT-mGoBnGUOXs5xElawc01DCohlRdG7PQHs-U2k69U9NH78dE&sai=AMfl-YSHevw6Bac5liSkg-GTbuIassPIyDt9mnU-wPBE2LR6H6m7bysZchvlGaN3l-ElzZ2iH0pTvhXioPW6iTRSG7m083NDzSivndsY39EUbq9QwZ-UY76Bf-PIc-gN69OAXmjoK9O9euJ3bMtonHQ&sig=Cg0ArKJSzNL3EBkfsIa9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5FF8F1335106C6CC871A5729ED1B4435
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9665057421136574&output=html&adk=1812271804&adf=3025194257&lmt=1692464869&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692473975549&bpp=3&bdt=572&idt=168&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D599f103b0defe3a7%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_Ma2vrDrSg6o7IDeKsW6hnxJu1ab-Q&gpic=UID%3D00000c6474df165f%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MaZCbsaXbaPoU2AHwyRy-P_-IeR8g&nras=1&correlator=7245167683764&frm=20&pv=2&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077148%2C42531706%2C44799579%2C44798322&oid=2&pvsid=588273458684202&tmod=1083388400&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=194
Frame ID: 72263D4AC236621FD530E2E08BD4D91E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7DD2584DEDB932ED2D7620AC731FA5E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03B9BCC9084D47CF334333C435FA1079
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAyj_UXm-91hgtX5yNJmKn1kSqUf5_zAHSaIlgcyu7AvCIW9c4PJP3w1ECRqZdtX1TrQ8mA1VbpQ97gRpitgjV5gR6KyRjvuhpe-NMi1VURkTRiliqYxwM3NXsEFUHaj6oDbGne19k2oGYM0i8NMaGqKPSWEsov7IwZO18qWEV9fGFXimPkbX7xzVevR3pR49m3huBCpN027Bvcv7pOGjFVu5wrmxPyeUGrDGHpumsncSmyOvnsxecuMVQ4Xg3lRy379kq21pKRXxruWQuEuJSRiqQ1tvjimG7E510g3xaN1iEASuZrHjVHIS2P-Cin4qYvR2y85aVxlHZNWHdhZ2_vTobKW5sBtCLNtG2AL_YuGRgzP2C03-BdeZYBPlza_h2u_Mi7cKqT6LFusFr&sai=AMfl-YQ868tdJtJx67aDh4JfxmFoTAAQd1Mj8XHaYHKBRb-ru2AicGvMqyz9gltvt6r5EC8PZMCDSOhnxjq1H5xGDsOlzYOUpqp0g1wFuQO9udQn4rznfdOCzgGPmhfXwMU5H4Xm4y9Pk_7ojEuaHeI&sig=Cg0ArKJSzGblJHmNjKb1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6092D14D768D725026C1CF4A2B3180EA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 208CB7DADD4487046963F68EB9AAF65F
Requests: 15 HTTP requests in this frame

Frame: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72B3A132FD660F6DBB645CD5E1315861
Requests: 18 HTTP requests in this frame

Frame: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A3C3C5ADCD00D925CDFFAC38F0B5C12D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0232A1213240BAF62CF1F33DAFF68F22
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A06176EA2D77F93C50FD9F252EFC50B1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C6BA7D1ABC0DF82BE125CFB9631D959
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 492B12A7E7C8D110F9B03FDBB1DD85D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: CCA6056256A4230A21C0E49BFE809B68
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: EFED146CB453FA0C925A2C86A3164BB2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26A1749B884D0A0171B04A73C58E186C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C4A2DA8BA7558D6CCCB02A9175D325F6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 189CD77235B53B2225332733BDC32F75
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32CE76ED5D472A27B76DA83C4905D62E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C18562EE70124900A0137E67BCA46E1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 1B7294CB065DAA91B7B31C32BD7D0029
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 3445225A225B7DCAC2B1CD739EC6B287
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: ED6E2EF8AA688B31BFC6496F01F7C2C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tottenham and Manchester United on 2023-08-19 in Premier League (England) - koora live - English Live broadcast of the most important matches of the day

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

224
Requests

84 %
HTTPS

47 %
IPv6

46
Domains

59
Subdomains

44
IPs

10
Countries

1972 kB
Transfer

5458 kB
Size

44
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://kooora4lives.io/c/
Title: kora4live

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fel3arda

Search URL Search Domain Scan URL

URL: https://en.yalla-shoot-matches.com/
Title: Yalla Shoot

Search URL Search Domain Scan URL

URL: https://livekoora-tv.com/
Title: live kora

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/go4kora-h2/
Title: Go4Kora

Search URL Search Domain Scan URL

URL: https://koooralive.net/
Title: kooralive

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Title: twitter

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=Tottenham%20and%20Manchester%20United%20on%202023-08-19%20in%20Premier%20League%20(England)%20|%20https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Title: whatsapp

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Tottenham%20and%20Manchester%20United%20on%202023-08-19%20in%20Premier%20League%20(England)%20|%20https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Title: whatsapp

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=Tottenham%20and%20Manchester%20United%20on%202023-08-19%20in%20Premier%20League%20(England)%20|%20https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Title: telegram

Search URL Search Domain Scan URL

URL: https://shoot-yalla.net/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://kooora-shoot.com/
Title: kora shoot

Search URL Search Domain Scan URL

URL: https://kooora4ever.com/
Title: koora 4 ever

Search URL Search Domain Scan URL

URL: https://kooora4lives.tv/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h3/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://livehd7-tv.com/
Title: الاسطورة لبث المباريات

Search URL Search Domain Scan URL

URL: https://egylive-tv.com/
Title: ايجي لايف

Search URL Search Domain Scan URL

URL: https://korastar-tv.net/
Title: كورة ستار

Search URL Search Domain Scan URL

URL: https://yallalive-tv.net/
Title: يلا لايف

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/matches-tomorrow-h2/
Title: كوره 4 لايف

Search URL Search Domain Scan URL

URL: https://kooora4lives.io/yalla-shoot-h2/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora-lives.com&sn=ChromeSyncframe&so=0&topUrl=kooora-lives.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cQjQknxQYXRENytEZnIxck9UbEhUR2pNOTZzdERIdWFHNVNnYnlLYXFqdlV1cWc2NmYwaUh3bUoxVkF6VnhRNVNNYmo4ZXAwTTRod3RrNVJyV1pTNEE0RjI3ZFZTU1dRcmwza09GRG5VTWZQYXVyMEFOb2M0TjZZZDlsMUtMRGV4dFZoWFRzSFRadzVaQ2NWZEl4cEhEdTRiek1tZG5PTi9tQzRzc3JrV2prejVQMzZMQWdNQTBxbzIvYit1d0JBdnVCTHJhQkJoZ3BOY0k0ZjFpcStiekVpRkJjbTNFYTJkZGo2Z1VxTm5BMTVtSkUxM2lKR0lmTnFmaDZFQlQ5OHFWVDJUa3ZNWUhwMjJYTEF3RnZTWktDYm1tbkhDS2dMRlRZeXpWREF5UFl5bTl2RT18&cppv=2

Request Chain 103

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0ca8c09f-451e-4c81-bdd0-82b2c165518f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e9e780-606c-43b4-a762-492df31e2081&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2816-0%29%3F%26RG%3D5baf4c50cfa04393a1c11be629947694%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=8999274838266196154 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=5baf4c50cfa04393a1c11be629947694&SNR=1&GV=2&med=10

Request Chain 134

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8vhCWZQ8Bg9lqnQm_EKsw&google_cver=1&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6HiThus HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6HiThus&google_hm=eS1yY19fQUs1RTJwRVhweGpzNGRhZkxOZWVfaHM0ZzZPY35B

Request Chain 135

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_cver=1&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinric_hpaTpECon4Onan5uuBWnkgBKLMwVT2L3XwY4pw-mdPj7_ETydHkrI9ccU-Z4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinric_hpaTpECon4Onan5uuBWnkgBKLMwVT2L3XwY4pw-mdPj7_ETydHkrI9ccU-Z4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_hm=ZOEaeG6LCgLAoqYZCtxv7QAAFIUAAAIB&google_nid=index&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinric_hpaTpECon4Onan5uuBWnkgBKLMwVT2L3XwY4pw-mdPj7_ETydHkrI9ccU-Z4

Request Chain 138

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIJRib4HTM5fGcXb503lMvU&google_cver=1&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfXBrfTa3w4wURhza537Uwip4yHexkeLfxQ1qZnT73FuWK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfXBrfTa3w4wURhza537Uwip4yHexkeLfxQ1qZnT73FuWK&google_hm=QlMuOTA2YS0yNWY2LTRjOWQtODY5Ng==

Request Chain 139

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGMSjUfSjtd-ISAQmkZwc_4&google_cver=1&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7lnsM88c42z_CvBm-D51Jf7HK8TrH_JCUbD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7lnsM88c42z_CvBm-D51Jf7HK8TrH_JCUbD

Request Chain 145

https://securepubads.g.doubleclick.net/pagead/adview?ai=CiYJEdxrhZO_7NozM3gPllJOQBdCK9bdyzM6958oRZBABIJWbyiFgleKQgqAHoAHzj_upKcgBAakCPZodL7Y9sj7gAgCoAwHIA8sEqgTFAk_QwWQW6FNnUdTADkRNhU1LP44eQOx7w8Z13phFahthfSagER7Fg5FafO0UOqkuHsaX1WXvhtDkTshqVM34zIwwBzmZWQlqApwglrSB_Df75m3enUF88ibb93NhNw2i5T0Onbns6bPi-us7kfkAEbFPZoit4zaGo-tlMCDstpdPwic5ukP3mkmmLsyPyabYrXoBQ2_wslJOfQoOLWT9b8FRzcPtkeBrhBOXBE9DkF9XVim0K39_DNUVrrkJOKudQ20w1RVEErlpOxuYiYTxfBokvlQdcTvoyYO_X8tZ88P_Nt2vvLRlTM0DeRsuPrdodsxAxwTodjE6XMF59G3HczU5cyg9BoKf4M9jhh8QDn126rPJUFRHIUnDzc8iB9eAvWc_wNkvB2x-Fk5VPOTxaZKUU5fDIcGbX58ymcIGiHHclJirlTbABLX2gb2tBOAEAZIFBAgEGAGSBQQIBRgEgAfzx8uJBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELPtBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCdMCaHR0cHM6Ly9kZS5zaG9mYXN0LmNvbS9kc3I_cT1DbG91ZCUyMENvbnRhY3QlMjBDZW50ZXImYXNpZD16bXdfY2g0MTcmZGU9YyZzY2xpZD0wLTI0MDE1JmdjbGlkPXtnY2xpZH0mcmFjPUNsb3VkJTIwQ29udGFjdCUyMENlbnRlciZ0ZXJtcz1HZW5lc3lzK0Nsb3VkK0NvbnRhY3QrQ2VudGVyJTJDQmVzdCtDbG91ZCtDb250YWN0K0NlbnRlciUyQ2Nsb3VkK2NvbnRhY3QrY2VudGVyK2FzK2Erc2VydmljZSUyQ29yYWNsZStzZXJ2aWNlK2Nsb3VkK2NvbnRhY3QrY2VudGVyJTJDY2xvdWQrY29udGFjdCtjZW50ZXIrcHJvdmlkZXJzJTJDY2xvdWQrYmFzZWQrY29udGFjdCtjZW50ZXIrc29sdXRpb25zgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=zCGWQN1QAGw&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWbvqB5TkYJPSlWwtN-ceY6jyiQAOzapeYsmrnQ62QmZitmAJc-583mgFi-w9EvXUzbDh928dcGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223263797952906220319%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212786132638851012337%22}&andc=true

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://fksnk.com/cs/google?google_gid=CAESEBYUtZtCaqX-SrWnLANbo0o&google_cver=1&google_push=AXcoOmQx53cWOvklhBRw8mDsd5tQsPUemedfMqMTSw-gKsGf4gdLg6ey9TxxvZ59aKhLfstUQDunuNv1qt6S6zChkT7J6oGfRJo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0M2OTIzQzhCMUZCNURFRg==

Request Chain 152

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDMydrAKQvpSkrjNEZ45eVk&google_cver=1&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sAyXhe0EDkwuZzo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTEyMDM3NjI2NTQzOTM5Mg%3D%3D&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sAyXhe0EDkwuZzo

Request Chain 153

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJrawe7VgTTjnC9npbFmuc&google_cver=1&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9secba7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9secba7&google_hm=eS11a2tLZVhGRTJwR0lvWmptUFhFMHVsaDZEajhERkxJVn5B

Request Chain 154

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIalJXsp9nS7_RZDSvPA9zg&c_param1=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g

Request Chain 155

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGM3KzjIDzYnwPYuqBhNsHI&google_cver=1&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3sNxOkNjSwLIHcYp3XuYu HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGM3KzjIDzYnwPYuqBhNsHI&google_cver=1&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3sNxOkNjSwLIHcYp3XuYu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3sNxOkNjSwLIHcYp3XuYu

Request Chain 156

https://sync.inmobi.com/gob?google_gid=CAESEE67pgEeoj2I-8pS_PZ8y_M&google_cver=1&google_push=AXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuAmtSEWiWmG_ZfJ69B-SKlt8vhhx-ypgNd3lXexVgxckQGTWrrN0IX HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuAmtSEWiWmG_ZfJ69B-SKlt8vhhx-ypgNd3lXexVgxckQGTWrrN0IX

Request Chain 191

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWCbr-7c4-1zsVhoJt-SSQ&google_cver=1&google_push=AXcoOmRISXoGpWUtNODEs1hOdzcj1tufQGkyh3cCRmJxk5EideMtefhsFNUTQN4QrEaV9iL6Lt6d5rYaw_H0P53xMnsHqdqu2FbxBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkzMTg1MjQ0MDIxMzg4NDM2MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1

Request Chain 192

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECaiBKmEl6vhvGJHw02AlMg&google_cver=1&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gIbiHCaHDHF0v4BVQsVtmSCGP2BxyPVM8KCsZWiSUnsR HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gIbiHCaHDHF0v4BVQsVtmSCGP2BxyPVM8KCsZWiSUnsR&google_hm=ri9yrm889NYZCim4B_fZRg

Request Chain 195

https://d5p.de17a.com/cookies/google?google_gid=CAESEK7bKR6qVA2jbDQDqQSkOLA&google_cver=1&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK7bKR6qVA2jbDQDqQSkOLA&google_cver=1&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-kORCLWw5zRnTmn-DAqos&google_cver=1&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0aktO5B3KYHjrSoHnGsvzcbMiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0aktO5B3KYHjrSoHnGsvzcbMiQ

Request Chain 197

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEND2QmbpQIm65aurGBXSaV0&google_cver=1&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkgnd8md8_zLUJuwMkPfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkgnd8md8_zLUJuwMkPfw

Request Chain 199

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWCbr-7c4-1zsVhoJt-SSQ&google_cver=1&google_push=AXcoOmTmUmNS7t_RTMPhvyUlwmDodsgj1JpCaxQsS2pLUGpYB6Oh5U6mdJcp7peFJUcnD3DH6O_3qebf1dGtMzYRlc5els67r-2wSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxMzMzMDQzMDA5MjQ3OTk0NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1

Request Chain 200

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECaiBKmEl6vhvGJHw02AlMg&google_cver=1&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHEE_t0SFR706GLe4HK_KDXfWekJT0_g5zOSdMSmuyHHDJQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHEE_t0SFR706GLe4HK_KDXfWekJT0_g5zOSdMSmuyHHDJQ&google_hm=ri9yrm889NYZCim4B_fZRg

Request Chain 202

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 204

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-kORCLWw5zRnTmn-DAqos&google_cver=1&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FVnrGbDzGubZjIFdCwGw5QS6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FVnrGbDzGubZjIFdCwGw5QS6

Request Chain 205

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIQrOpwDdO8MJnKY6GUbjZc&google_cver=1&google_push=AXcoOmT5MRBoauKAmT0wwhXmcPIazxZnu141Aa-97E1-g6JD7yI6ycX8UKHa7z-Ek1m07ojG3DKEtluWjbm93JQhRFIblvGHEH6mK0c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5MRBoauKAmT0wwhXmcPIazxZnu141Aa-97E1-g6JD7yI6ycX8UKHa7z-Ek1m07ojG3DKEtluWjbm93JQhRFIblvGHEH6mK0c HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 207

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKxSCBmSUmOP8ukL2Dn7ybaIuhJ0wkbenXA7-BEV0H2IXwVKMtgkGhcrMm4 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKxSCBmSUmOP8ukL2Dn7ybaIuhJ0wkbenXA7-BEV0H2IXwVKMtgkGhcrMm4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0Jkekl3YTcxUXhyTm01&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKxSCBmSUmOP8ukL2Dn7ybaIuhJ0wkbenXA7-BEV0H2IXwVKMtgkGhcrMm4

Request Chain 208

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFdHFcEzIIsYitzgD1Ea_Hw&google_cver=1&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2SemeM5dxaAwU3qWf0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2SemeM5dxaAwU3qWf0

Request Chain 209

https://um.simpli.fi/gp_match?google_gid=CAESEINmMIaJVWr4ysPi4lw2_qQ&google_cver=1&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7qC58y-kz3lZNZbtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AE5031A85CBD441D9FB66CBCA199EEFA&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7qC58y-kz3lZNZbtg

Request Chain 212

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEND2QmbpQIm65aurGBXSaV0&google_cver=1&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9Pm6GNli1I0eW-dP4yVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9Pm6GNli1I0eW-dP4yVA

Request Chain 213

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIQrOpwDdO8MJnKY6GUbjZc&google_cver=1&google_push=AXcoOmSrQa6g8A5Ez3krHbfO0QklwC0JDu4eGUZoaQfIQYNPVHqRE3xAWKi9Vt_e0CdOyCeIAFyL3UJcAMKZbyx0MBqmHWGvKc9VrqJv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSrQa6g8A5Ez3krHbfO0QklwC0JDu4eGUZoaQfIQYNPVHqRE3xAWKi9Vt_e0CdOyCeIAFyL3UJcAMKZbyx0MBqmHWGvKc9VrqJv HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 215

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 226

https://googleads.g.doubleclick.net/pagead/adview?ai=C6EUodxrhZOXyL4GntgerxrzQA8Tpp6FynIy1n7oRZBABIMn9-npgleKQgqAHoAHO3fntA8gBCakCPZodL7Y9sj6oAwHIA8sEqgSjAk_QMC_WXAACN4DS886QVLhXW026YjykAzMY_Hum3NY49M0Yo7btT4kh_gI6HUXcNvOUyR3ixgPwUYk2pmy-Sko_4i5VqUMZWX13WxRJ9k2d4h0EN2HvgQz7OAp7DtEhM5qTX5IGeBfzGoh6cDjqWVqoBaqmzMgE3rRyp1hgtgs9SCIaEv6Mk0kjAKxl3PSqTP1u_s-_WOODqiccCKxcn-764v2qGBKC1r9dzLDEakZhedsIdcuIsNylQUMNSBWQ9DJHUxXtgJ0rE_wMW2jl4eXRnypvoc3yJfrjLoX5J-5bAGo9LmU1mw5E0Dle0Joif6qvtzHVcmCcsG9n58MMopiABqtJRZSGQww2Vsmaav-dJMrnrVTXuhrNwanIe6qPal2v9MAEm6KEp8wEkgUECAQYAZIFBAgFGASgBi6AB5qihhKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7px_SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuZmxpZXNlbi1ib2V0dGlnZXIuZGWACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTY2NTA1NzQyMTEzNjU3NBgA&sigh=EkOkUtRiUAs&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWtbCdJi4mNayv-OSjlxQrkt4pkvOFzCvIhUQpZphmsxmT0BixZy6QDOjgBWthiK8sANo9vU-9GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213138615661485885970%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035890382%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229883042783820228721%22}&andc=true

Request Chain 228

https://googleads.g.doubleclick.net/pagead/adview?ai=CQXVXdxrhZObyL4GntgerxrzQA8Tpp6FynIy1n7oRZBABIMn9-npgleKQgqAHoAHO3fntA8gBCakCPZodL7Y9sj6oAwHIA8sEqgSjAk_QWr2WYpgXz8YhKhZL_0A1JDMQkAFfblIXxCDzR-WPbqXY4fod0gHtjNTGn2q5nO5wekOh7QRZdHcKqpvHvtg6NgNkw2Grqy-E4xLJlxVY94imvn6JsLE6zZvFV0_UfMbPH0v0Cpqcsykh67jTlUhLeR4aQ5E6hoqOCPp2UK4M5xJS9jTCc2rP3wxKLq0Utj-TDhzJFkRXBjum2tWsjJlIbmJ6OeVpXZaKmCP2gGBakjc2z8MV302sh0rTNqpcIAZiiDts9xEu5xnrqZmAWfC92TZN4hOt8kegqNkuCAcRA-11NmztAhFzFdl3leXPUhfJ-itqJm8iEb8mRGB2BBXqF3PrXaVpXziUvWHgUeemPBb0zwfRtH133Z63V4reo19eM8AEm6KEp8wEkgUECAQYAZIFBAgFGASgBi6AB5qihhKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC9jxLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkgaHR0cHM6Ly93d3cuZmxpZXNlbi1ib2V0dGlnZXIuZGWACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTY2NTA1NzQyMTEzNjU3NBgA&sigh=aRrfoNdYIMA&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWtbCdJi4mNayv-OSjlxQrkt4pkvOFzCvIhUQpZphmsxmT0BixZy6QDOjgBWthiK8sANo9vU-9GAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215188427661841001305%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035890382%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210645650876479654721%22}&andc=true

Request Chain 232

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0ca8c09f-451e-4c81-bdd0-82b2c165518f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e9e780-606c-43b4-a762-492df31e2081&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D5baf4c50cfa04393a1c11be629947694%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=8999274838266196154 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5baf4c50cfa04393a1c11be629947694&tids=1&med=10

224 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/ 79 KB
23 KB 264ms
224ms Document
text/html 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dcbdebeab9f3cf015455c9e2f9aa8b1c9fa280c9add98945314863bb4252ec1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 7f94dd063f6e03e4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 19:39:34 GMT
expires: Sat, 19 Aug 2023 21:39:34 GMT
last-modified: Sat, 19 Aug 2023 19:07:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrIoRuGHKFNPApEryXr9hkdVoVz8XRoW3X2mkTrCLxmoOzl%2BiNbb7DgfWq8Gh%2F9gSYBneHXz9nYCehDyfDMsqlz9xBUUib5MFnGjG4yxqPlX25fuQThyy8GE20fVfLpQOgqGLakvLP4mHtDGUOB1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 styles.min.css
kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/css/ 68 KB
12 KB 20ms
18ms Stylesheet
text/css 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/css/styles.min.css?ver=0.15.3
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87e6cbfe9bac10b95b9814d64cc0c5adaac98a4fdf55396df774c9a65cccf91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525855
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:04:05 GMT
server: cloudflare
etag: W/"64c6de55-10ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzoxjMKfmHOg4Y8U53C9NLAoJlhxCRLZzxS8XDjOQ0%2B%2BfKPMXRywSvYKtWZt0ka0eNqpk7I3H1O3GJQZOo1zJdkyoxjbECvOPWnaZgpk%2B2QE7ivagnUAJDLYWIKgJtd12MfRg%2F8nNFkZdLkZ%2B3yO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07a95d03e4-FRA
expires: Tue, 12 Sep 2023 17:35:19 GMT

GET
H2 200 styles.min.css
kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro/public/css/ 101 KB
17 KB 25ms
23ms Stylesheet
text/css 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro/public/css/styles.min.css?ver=0.15.2
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb4762683c1ab088171aeb437ddc224ec616c69ca9d563454f56a09666e12ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525855
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
etag: W/"64c6de4c-195e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KMSaxpZ3PNuzD6YqBLgmb9gn%2BuP4tO%2FQZb7E9VIdWRoriwHaVk4I3PF0KBRqcl7WGE3uNWLq6H2qiWrbx97nruOSPrVTH7IPWl%2FPIhniazTTBTw5T5BSrZ1JFHH1ZSdE3v7Ei4e8n5uVpNi%2BnSM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07a96103e4-FRA
expires: Tue, 12 Sep 2023 17:35:19 GMT

GET
H2 200 flags32.css
kooora-lives.com/wp-content/cache/min/1/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/ 11 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/cache/min/1/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/flags32.css?ver=1692472051
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7f7707672da42929bfd992bd807fb3b3971ce966c1c11a927931900e55b494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1894
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Sat, 19 Aug 2023 19:07:31 GMT
server: cloudflare
etag: W/"64e112f3-2b47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czxog2z2tpf%2BEdI9XgXMRDHjEHKD7rPmBYfbwP1%2BSnG3wELsF4%2B5qXmt733HVOGvPHNrSpfOcwktaIWphYnm9bs35S4V6H7yTbzqWL6gAxzza74NeXr6hhNIL7lhq97A8sTZ7B5G%2FxLE6si1aFGe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07a96303e4-FRA
expires: Mon, 18 Sep 2023 19:08:00 GMT

GET
H2 200 flags16.css
kooora-lives.com/wp-content/cache/min/1/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/ 10 KB
2 KB 26ms
25ms Stylesheet
text/css 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/cache/min/1/wp-content/plugins/football-leagues-by-anwppro/vendor/world-flags-sprite/stylesheets/flags16.css?ver=1692472051
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f4e40356732336b98588530a51ced1fa76cc7f9e576aa087208180db4d4354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1894
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Sat, 19 Aug 2023 19:07:31 GMT
server: cloudflare
etag: W/"64e112f3-29b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhW6MqhuguRaQpLUzSOuxWNEn%2FyuNpcoVHbFd0y7gt4Hy6r0eFeMgP9hi4NFDCPmwLtuM%2BwGa4vylmrx418V04RNcWJSL%2BgYqLd5AsuRDq9Gk2Y%2BFBGF19dnNleWUr0zlrcakUCbsgoH6mWmh5wj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07a96503e4-FRA
expires: Mon, 18 Sep 2023 19:08:00 GMT

GET
H2 200 NeoSansArabic.woff
kooora-lives.com/wp-content/themes/AlbaKora4Live-en/fonts/ 56 KB
56 KB 25ms
25ms Font
application/x-font-woff 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/themes/AlbaKora4Live-en/fonts/NeoSansArabic.woff
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Origin: https://kooora-lives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Mar 2023 22:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 426787
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8erARqgBYMwnXuvx7T2A%2Ft%2BLt2BOzjrd4RA%2BrLuW9qLn0KN3nb2rQH4WnZU6IPcP2JKBbkMreb72tEYDpfbyak%2FY5ASnNGwZu7nfZGYBg2dn980l96PAIlS%2FE8WIPqwe79EH2vlQnzJP2FdOkVwu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=31536000
cf-ray: 7f94dd07a96703e4-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Aug 2024 21:06:27 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 137ms
98ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad7bd0d2645b89579a33033852b055c353700775b6d04117e153cecd732e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H853H86AEQV3CPERRQ4WJXQ8
date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 50
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c39376a5283ec2e1d7746152411a8bd1-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7f94dd07efc5698f-FRA
link: <https://live.demand.supply/impl.v17.13.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/a29vb3JhLWxpdmVzLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
kooora-lives.com/wp-content/uploads/2023/03/ 52 KB
52 KB 14ms
13ms Image
image/jpeg 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.com/wp-content/uploads/2023/03/koora-live-Live-broadcast-of-the-most-important-matches-of-the-day.jpg
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75878746f86699575801c0577246a773787835cf9075ea5753deed6fcba3bc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525701
alt-svc: h3=":443"; ma=86400
content-length: 53002
pragma: public
last-modified: Wed, 15 Mar 2023 12:47:42 GMT
server: cloudflare
etag: "6411be6e-cf0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r18xG9%2BMmGQbMIyHeyDkcqrMKCWO7koz2G3B95zJV5Xge8VWuf43c4JpnXvXTWs5tcU8pTLwWU40MPb8JB2uk0UbCqN%2FxC3BRGpADfBGfrhkm5mjK0R5Rz4l%2BED%2FfBPPNVPp124yOnIcQV4AjraO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f94dd07a96a03e4-FRA
expires: Tue, 12 Sep 2023 17:37:53 GMT

GET
H2 200 spinner.gif
kooora-lives.com/wp-admin/images/ 4 KB
4 KB 21ms
20ms Image
image/gif 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.com/wp-admin/images/spinner.gif
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2d44038a6c53bd74f3a26e690c1974e1385fffbc6def4c59f91dc1f738f0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525701
alt-svc: h3=":443"; ma=86400
content-length: 3656
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:07 GMT
server: cloudflare
etag: "636fac87-e48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEap2nl1ikUa831oC5Q4l7IkAOdAqftKf%2FkRWR8YEnMLIeFbNMBtyaWXAZ143V1isKogl%2Bno0g5fwaz7UPbjOf3C4Hsp23trahuDlwJFSJxxDRde3GxHaP0cSiCwHwd%2BB1Yt1AQPLnoWI%2FURyBW2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f94dd07a96c03e4-FRA
expires: Tue, 12 Sep 2023 17:37:53 GMT

GET
H2 200 rocket-loader.min.js Show response
kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 9ms
8ms Script
application/javascript 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 10:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ddfd41-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcOZZhy%2B9zei1YYynZGSkGfrAu8SmkMlSHAOq%2BeW70bokUR%2FoLEW9LhD%2BPs1vlwTq6g%2BZYsQt2%2F3Bh07N8x5WlM0Z6Go1UivySaLwcwIltYNQ77ktehJqyG5869zww3oo%2BJH2ppEVfmca4vPio7r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f94dd07a96d03e4-FRA
expires: Mon, 21 Aug 2023 19:39:34 GMT

GET
H3 200 jquery.min.js Show response
kooora-lives.com/wp-content/themes/AlbaKora4Live-en/js/ 87 KB
32 KB 26ms
26ms Script
application/javascript 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/themes/AlbaKora4Live-en/js/jquery.min.js?ver=6.3
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525830
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 05 Mar 2023 22:58:10 GMT
server: cloudflare
etag: W/"64051e82-15d2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM8RtHXqr64TQ8kzfsvBE69Zg16Mhrp4i0LyNtTVEPrkxlwsUC9FfJSJYbP3bosD3o9CRrd013IZWFv8iu007xYpS67hi6723kXe3ze4QLcdEy8MWWKvbaR2we9rwBBRLXf55KV3NNilUwarE2P6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07fbefbbf5-FRA
expires: Tue, 12 Sep 2023 17:35:45 GMT

GET
H3 200 anwp-fl-pro-public.min.js Show response
kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/ 106 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro-premium-premium/public/js/anwp-fl-pro-public.min.js?ver=0.15.3
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2270eb61dcfa969d306647b435189e762387878b34d09c2cbe596ea4bf457d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525830
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:04:05 GMT
server: cloudflare
etag: W/"64c6de55-1a974"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2frn6DXFnrnqOS0dv5%2BzsE%2FlbWTFKulT9UObHQOV2hv0EhdI6oLP1OUmx3mCgAzUMc%2FdDvEIsm%2BPKsv%2FTSFAY%2B3H0ZD6RjQaGDDz3sAQTPpkVq0ubeZD9CSebw8%2FFIX%2F525L4eHiQkbDGHEcmKY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07fbf0bbf5-FRA
expires: Tue, 12 Sep 2023 17:35:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 91ms
67ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3024901627449599

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e7c78f3b9a18bb0f2021bb4cd19b9515810f06a44542f16fb2a4f40a7f7b81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Origin: https://kooora-lives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51009
x-xss-protection: 0
server: cafe
etag: 15073543456872657591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 79ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9665057421136574

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78d45e928e15632bca130e47bbb68845fefb0046e419388de43ff87df3378eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Origin: https://kooora-lives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51008
x-xss-protection: 0
server: cafe
etag: 7131583323879561989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H3 200 micromodal.min.js Show response
kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro/vendor/micromodal/ 7 KB
3 KB 34ms
33ms Script
application/javascript 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora-lives.com/wp-content/plugins/football-leagues-by-anwppro/vendor/micromodal/micromodal.min.js?ver=0.4.10
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525830
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Sun, 30 Jul 2023 22:03:56 GMT
server: cloudflare
etag: W/"64c6de4c-1bbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mSS%2FVDgU8Rk%2FeyV8PO6thqUIBwC3qFjSfe3Jg3Ln%2F42OlRxsU5%2BDBA%2BZZihSSViyfYj0VtWjWW%2FT8JOCda1CHRZiGJE3WIzAz6lQGGZCJPVYeeB%2F%2FA1t6sPsHuhNfTZXNTDQUnPz8YFWT%2BW%2FvCa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7f94dd07fbf2bbf5-FRA
expires: Tue, 12 Sep 2023 17:35:45 GMT

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 b.jpg
kooora-lives.com/wp-content/themes/AlbaKora4Live-en/img/ 32 KB
33 KB 26ms
25ms Image
image/jpeg 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.com/wp-content/themes/AlbaKora4Live-en/img/b.jpg
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c63f11c5dc238bc2e0eeb277c6937dce9b7edaebee949155af358dd264488a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 522949
alt-svc: h3=":443"; ma=86400
content-length: 32915
pragma: public
last-modified: Sun, 05 Mar 2023 22:58:10 GMT
server: cloudflare
etag: "64051e82-8093"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dx1ed6Q4Cd7HWOrN3O897kfLw8Mqy1iF3v8O4hXgW3F3IHJl3gInYO4aKNsNLGfP2lHmnGAPgoQ%2Bw5ExNFSFuSUlAIBD0M2vefx6hktc6Zvy00ZknXeg5uRuBX0q8%2FamG37rIf%2FT%2BorlOAfbeVCt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f94dd080c0ebbf5-FRA
expires: Tue, 12 Sep 2023 18:23:46 GMT

GET
H2 200 impl.v17.13.0.js Show response
live.demand.supply/ 82 KB
27 KB 19ms
17ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.13.0.js
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e07f7b09d3fcc9d6fa58c0036595bc7e31cef44fe28633039e8da7777fed1a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H853H4DTJBRHQWEZJR7DWCW6
date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 85381
cf-polished: origSize=84202
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"79d1b3af02d0c875ba79da1ec3cbc215-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7f94dd08891c698f-FRA

GET
H2 200 a29vb3JhLWxpdmVzLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 1 KB
775 B 52ms
51ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/a29vb3JhLWxpdmVzLmNvbS8=
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423261ba9321ce2431400956e3d91d335a79433e091c38f4dcb7ead7c3797213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7f94dd08891f698f-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
516 B 42ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=139&cs=c&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd08a85f8fdc-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 118ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c949b5ff1c9e3a32653ff976d8549d90c149fdce567cc821f65d617fe407aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29376
x-xss-protection: 0
server: cafe
etag: 852 / 19588 / 31077195 / config-hash: 4570674370816517536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H2 200 a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw== Show response
live.demand.supply/p4/v17-10-0/ 1 KB
706 B 65ms
64ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423261ba9321ce2431400956e3d91d335a79433e091c38f4dcb7ead7c3797213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7f94dd088925698f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
589 B 41ms
22ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W3CEFSG3EFQNH6ZWF6AFD6
date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1394859
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7f94dd08a8648fdc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kooora-lives.com_fluid_sq_25-7-ads Show response
live.demand.supply/cp/ 29 B
374 B 145ms
145ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.com_fluid_sq_25-7-ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0a200f1b57caab7157b6bc4277ad9077c29f7b4e9d929f01a55a4afb628ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7f94dd08b86a8fdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 kooora-lives.com_fluid_sq_25-7-ads Show response
live.demand.supply/cp/ 29 B
374 B 140ms
140ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.com_fluid_sq_25-7-ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0a200f1b57caab7157b6bc4277ad9077c29f7b4e9d929f01a55a4afb628ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7f94dd08b86c8fdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 kooora-lives.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 28 B
370 B 233ms
232ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kooora-lives.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acfd6872dcf390e8d7ba25794835d8e15fd3b3a9e726d5d9ac7a121cf92b57b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7f94dd08f8bb8fdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 17:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6862
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 18 Aug 2024 17:45:13 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 13ms
12ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_fluid_sq_25-7-ads&pdc=0.4836135387420655&ucv=null&e=tcp&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd09994b8fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 14ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kooora-lives.com_fluid_sq_25-7-ads&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H4ERN2KZRBB6S0HJTY7HT3Z8
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 1725725
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "acf50ad34a007c86592c40dc67a2d894-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd09994e8fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd09c9708fdc-FRA

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 59ms
15ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41943
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkyg5E9nFJLiN%2FXN6vZPwmyAYCHWA2D4n5i4Wf7zKMBsSrPbSJLUezrLmY%2BBTAn6DAhWG8ccQqXpWNt0lmL%2Fg%2BRUessS7XwBMfrWAjHQ%2B0pIo9N%2FaUgZkNA%2FnyzNdmd90lUCAU3CZ73T9J0FoWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f94dd0a2843048f-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 56ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 19:39:35 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 57ms
20ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 183904
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f94dd0a1bc30374-FRA
expires: Tue, 22 Aug 2023 19:39:35 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 77ms
16ms Script
text/javascript 108.156.2.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-55.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:35:24 GMT
content-encoding: gzip
via: 1.1 7aebe5536aa81207909dbe4ca368b9be.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 29065
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: kjqKJu8CLEdD_FIYHFmBQYT35CKnCpD-REW-pyXpF0ISI1OHp-b7aA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 59ms
23ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 5c50e8a3ec2401bba4f8ac29b81dba3c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 120ms
26ms Script
text/javascript 2600:9000:237d:8e00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:8e00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 19 Aug 2023 05:08:18 GMT
Via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 52278
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: KmC3VpR30uWcpeK0xaKkrz36pCog6rje15p9V_iutaacPY63o5fhBQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 48ms
27ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: 65DF8G3K09D60167
age: 1645
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f94dd0a0d038fe2-FRA
x-amz-id-2: 4ka36iv55x+n1/nQ20UH4ZWDTqKukFEzwHlzC5df0NTPPZMUXzRqH3xadu8EFewIM76WhVsw/kQ=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
821 B 199ms
199ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=1667727784877771&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc4a28945-651e-4009-a170-3a52427824b5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=46689329&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692473975346&lmt=1692464869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcYqMS9-qAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRipxL36oDFIAFICCGQSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnEvfqgMUgAUgIIZA..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26interstitials-bid%3D14%26bid-p%3Dgoogle%26bsc%3D86&adks=3632308521&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3af598e09846b5626baacfb888afde9ab3c51baab6348fa5df0260bbf96a101d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 790
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3879 6 KB
3 KB 78ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:35 GMT
expires: Sun, 18 Aug 2024 19:39:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 37 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl_page_level_ads.js?cb=31077195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28986
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
server: cafe
etag: 1643040129009188309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:36:29 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 97ms
97ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_fluid_sq_25-7-ads&pdc=0.4836135387420655&ucv=null&e=tcp&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0a09b88fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kooora-lives.com_fluid_sq_25-7-ads&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H4ERN2KZRBB6S0HJTY7HT3Z8
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 1725725
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "acf50ad34a007c86592c40dc67a2d894-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0a09b98fdc-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
15 KB 484ms
484ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=3295971892693775&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ce333732b-5f31-4628-ac22-4b3040f7b65f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&didk=3741431233&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692473975379&lmt=1692464869&adxs=262&adys=684&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcYqMS9-qAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRipxL36oDFIAFICCGQSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnEvfqgMUgAUgIIZA..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26chrand%3Dy%26pof%3D0%26bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D86&adks=3176782333&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4f9750d1b5abf19981a64993d9f4486523c8d5f1dd50d8f424216f03fa8c61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15003
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 396ms
396ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=1281702382320736&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Ce333732b-5f31-4628-ac22-4b3040f7b65f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&didk=3741431232&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692473975389&lmt=1692464869&adxs=262&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcYqMS9-qAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRipxL36oDFIAFICCGQSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnEvfqgMUgAUgIIZA..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26chrand%3Dy%26pof%3D0%26bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D86&adks=3910575283&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c315d375d8043731d14eb5937d823451840f4dafa20b6a79e29ed568c18d6579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12336
x-xss-protection: 0
google-lineitem-id: 5564063969
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9171 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=kooora-lives.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 298629
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 41ms
12ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kooora-lives.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kooora-lives.com
date: Sat, 19 Aug 2023 19:39:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 105ms
32ms XHR
application/json 54.72.84.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.84.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-84-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 64bef4a0bbce47628d1d17da9a2ef4c58290f50f9c0f99a20f2af730d97de75a

Request headers

Referer: https://kooora-lives.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache
x-server: 10.45.26.85
access-control-allow-credentials: true
content-length: 60
expires: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_728x90_sticky_display_bottom&pdc=0.265375018119812&ucv=null&e=tcp&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0a7a088fdc-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 101ms
101ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H4B84TTR0HYCCB4BQBXB73YW
date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2545124
etag: W/"c7e963c0d989e2de7e1130bf3281bc3e-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7f94dd0a7f762bdf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 205ms
204ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=3260582153135313&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C09adebc8-fc87-4187-946d-0e30a6aa4fbe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&didk=1055437860&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692473975434&lmt=1692464869&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcY_8S9-qAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRiAxb36oDFIAFICCGoSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnEvfqgMUgAUgIIZA..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26chrand%3Dy%26pof%3D0%26bid%3D0.13%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D86&adks=4288808975&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78dd18679bae06ce284222c334cf8b57d0ef51397afe2c0def8e8cc592e6f432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12296
x-xss-protection: 0
google-lineitem-id: 5564062997
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9171
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kooora-lives.com&sn=ChromeSyncframe&so=0&topUrl=kooora-lives.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=cQjQknxQYXRENytEZnIxck9UbEhUR2pNOTZzdERIdWFHNVNnYnlLYXFqdlV1cWc2NmYwaUh3bUoxVkF6VnhRNVNNYmo4ZXAwTTRod3RrNVJyV1pTNEE0RjI3ZFZTU1dRcmwza09GRG5VTWZQYXVyMEFOb2M0TjZZZDlsMU...

452 B
673 B

65ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cQjQknxQYXRENytEZnIxck9UbEhUR2pNOTZzdERIdWFHNVNnYnlLYXFqdlV1cWc2NmYwaUh3bUoxVkF6VnhRNVNNYmo4ZXAwTTRod3RrNVJyV1pTNEE0RjI3ZFZTU1dRcmwza09GRG5VTWZQYXVyMEFOb2M0TjZZZDlsMUtMRGV4dFZoWFRzSFRadzVaQ2NWZEl4cEhEdTRiek1tZG5PTi9tQzRzc3JrV2prejVQMzZMQWdNQTBxbzIvYit1d0JBdnVCTHJhQkJoZ3BOY0k0ZjFpcStiekVpRkJjbTNFYTJkZGo2Z1VxTm5BMTVtSkUxM2lKR0lmTnFmaDZFQlQ5OHFWVDJUa3ZNWUhwMjJYTEF3RnZTWktDYm1tbkhDS2dMRlRZeXpWREF5UFl5bTl2RT18&cppv=2

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e16130187ab63307474378ebb17e4b52f388aa72ff1ae10039f49299fdebe78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1185244
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cQjQknxQYXRENytEZnIxck9UbEhUR2pNOTZzdERIdWFHNVNnYnlLYXFqdlV1cWc2NmYwaUh3bUoxVkF6VnhRNVNNYmo4ZXAwTTRod3RrNVJyV1pTNEE0RjI3ZFZTU1dRcmwza09GRG5VTWZQYXVyMEFOb2M0TjZZZDlsMUtMRGV4dFZoWFRzSFRadzVaQ2NWZEl4cEhEdTRiek1tZG5PTi9tQzRzc3JrV2prejVQMzZMQWdNQTBxbzIvYit1d0JBdnVCTHJhQkJoZ3BOY0k0ZjFpcStiekVpRkJjbTNFYTJkZGo2Z1VxTm5BMTVtSkUxM2lKR0lmTnFmaDZFQlQ5OHFWVDJUa3ZNWUhwMjJYTEF3RnZTWktDYm1tbkhDS2dMRlRZeXpWREF5UFl5bTl2RT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 439231
content-length: 0
expires: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 48ms
20ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 13231
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7f94dd0b4eb36993-FRA
content-length: 4547

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 84ms
69ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9665057421136574&plah=kooora-lives.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9665057421136574

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f6a475723e4f5f4999aab7e0d91d8d178bc379b873e682e9ad5583b672b1e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 13441428149670257919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 4FD3 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9665057421136574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 11:46:57 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 11:46:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=166&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Warning%3A%20Do%20not%20add%20multiple%20property%20codes%20with%20AdSense%20tag%20to%20avoid%20seeing%20unexpected%20behavior.%20These%20codes%20were%20found%20on%20the%20page%20ca-pub-3024901627449599%2C%20ca-pub-9665057421136574%0Aat%20dq%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3Fclient%3Dca-pub-3024901627449599%3A216%3A171)%0Aat%20cq%20(adsbygoogle.js%3Fclient%3Dca-pub-3024901627449599%3A214%3A326)%0Aat%20adsbygoogle.js%3Fclient%3Dca-pub-3024901627449599%3A229%3A475%0Aat%20he.ga%20(adsbygoogle.js%3Fclient%3Dca-pub-3024901627449599%3A51%3A239)%0Aa&shv=r20230816&mjsv=m202308150101&eid=44759876%2C44759927%2C44759837%2C31077148%2C42531706%2C44799579&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0b7b258fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 14ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0b8b2e8fdc-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
511 B 267ms
266ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=3194741050652444&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C424b9e5c-d21e-4112-85c9-2231f6883a22&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&didk=1047621112&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D137231f695da055e%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MYDxeH98nYnwottH5wHuaJqoo1IBQ&gpic=UID%3D00000c6473d6ea0b%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MaJN9tIlTtEln3X625hH1Vo5E3ppA&abxe=1&dt=1692473975601&lmt=1692464869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcY_8S9-qAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRiAxb36oDFIAFICCGoSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnFvfqgMUgAUgIIag..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26interstitials-bid%3D6%26bid-p%3Dgoogle%26bsc%3D86&adks=3641882075&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a235a544beaabf0ff3571282894a0ea5d4e7b452f9e954b04fdc960634fd2541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H4ERN2KZRBB6S0HJTY7HT3Z8
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 1725725
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "acf50ad34a007c86592c40dc67a2d894-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0b9b488fdc-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 60ms
59ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7cf929fc3a49c5e85f27023dbf1a17bb404f788c596b43fdc75f6946861716d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11729
x-xss-protection: 0

GET
H3 200 47-1.png
kooora-lives.com/wp-content/uploads/2023/03/ 11 KB
12 KB 14ms
14ms Image
image/png 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.com/wp-content/uploads/2023/03/47-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e96eb9ef662beb2cf75392ac7a99dd0d7e678a5cdc9aa7c97c81e65181804b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126018
alt-svc: h3=":443"; ma=86400
content-length: 11731
pragma: public
last-modified: Thu, 16 Mar 2023 22:14:57 GMT
server: cloudflare
etag: "641394e1-2dd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfndbUWRLHWma8scsZ1DGQT%2FPnUhK%2FQMdWhYq8ReAKW2eeXFqLY6qfvQoWCBw8KKbFaLUy3vC%2BSj88lYgahX044aTN67t%2Bp8Yg74sev88mUrXjIOW%2BlOonewsnexoE7CEYVNC7EqbTK2sMDgV9Je"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f94dd0ba902bbf5-FRA
expires: Sun, 17 Sep 2023 08:39:17 GMT

GET
H3 200 33-1.png
kooora-lives.com/wp-content/uploads/2023/03/ 32 KB
33 KB 22ms
21ms Image
image/png 2606:4700:3037::6815:3541
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora-lives.com/wp-content/uploads/2023/03/33-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3541 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126018
alt-svc: h3=":443"; ma=86400
content-length: 33019
pragma: public
last-modified: Wed, 15 Mar 2023 19:00:27 GMT
server: cloudflare
etag: "641215cb-80fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWSGQ5oFleYZA844Le6ngZCiQIeo26wNRXnayHsTVzTbrE6GAuP1fYQ9WL2QvON5k%2FIfl3zu5ZXGcped%2FZPlVqmgS8A0%2BZaCGTLabNJnR3JtCo3dpEhTS6NFHI7n14LusqRJC7w9ISHmnCd%2BMLIU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7f94dd0ba904bbf5-FRA
expires: Sun, 17 Sep 2023 08:39:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 299ms
95ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4750114&@f16&@g1&@h1&@i1&@j1692473975627&@k0&@l1&@mTottenham%20and%20Manchester%20United%20on%202023-08-19%20in%20Premier%20League%20(England)%20-%20koora%20live%20-%20English%20Live%20broadcast%20of%20the%20most%20important%20matches%20of%20the%20day&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-87723760&@b3:1692473976&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: d42bd7af8853d691e58fb2f7467032d143ba84b6585af2cf363800198872dee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sat, 19 Aug 2023 19:39:35 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET view
securepubads.g.doubleclick.net/pcs/ Frame 5FF8 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FF8 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
20 KB 363ms
362ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=4073535369284587&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C75225509-4ccc-4779-8d12-c835a6029a43&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=7&didk=1055437860&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D599f103b0defe3a7%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_Ma2vrDrSg6o7IDeKsW6hnxJu1ab-Q&gpic=UID%3D00000c6474df165f%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MaZCbsaXbaPoU2AHwyRy-P_-IeR8g&abxe=1&dt=1692473975661&lmt=1692464869&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcY_8S9-qAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRiAxb36oDFIAFICCGoSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnFvfqgMUgAUgIIag..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D86&adks=3349416666&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd0c42c4c0cfe3a7e6f9ae1d4a55e6ada238f69b9808e559e5f3e6b3408207f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20023
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
555 B 39ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kooora-lives.com&callback=_gfp_s_&client=ca-pub-9665057421136574&cookie=ID%3D599f103b0defe3a7%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_Ma2vrDrSg6o7IDeKsW6hnxJu1ab-Q&gpic=UID%3D00000c6474df165f%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MaZCbsaXbaPoU2AHwyRy-P_-IeR8g

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9665057421136574&plah=kooora-lives.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a3192c63948e85bd80e8dcedc5aaf816c14caaa2ebc61f88be1b6abba3226b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7226 437 KB
74 KB 587ms
586ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9665057421136574&output=html&adk=1812271804&adf=3025194257&lmt=1692464869&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692473975549&bpp=3&bdt=572&idt=168&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D599f103b0defe3a7%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_Ma2vrDrSg6o7IDeKsW6hnxJu1ab-Q&gpic=UID%3D00000c6474df165f%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MaZCbsaXbaPoU2AHwyRy-P_-IeR8g&nras=1&correlator=7245167683764&frm=20&pv=2&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077148%2C42531706%2C44799579%2C44798322&oid=2&pvsid=588273458684202&tmod=1083388400&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=194

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9adb52998d44c814bbd1ae182fcafdcd6fe1d28c2059222feb72846b0e0fd55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 75190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 104ms
104ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=demand-supply__sd%20demand-supply__sd--bottom&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DD2 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:14:51 GMT
expires: Sun, 18 Aug 2024 19:14:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03B9 829 B
1 KB 37ms
16ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13c642e94840539568e97ed94e91eed38047f67bc694362f2d43f3f82f4a5b7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mAlttBUubVOh2_TcduRVlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-mAlttBUubVOh2_TcduRVlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:35 GMT
expires: Sat, 19 Aug 2023 19:39:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DD2 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:14:28 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 6092 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6092 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
42 KB 324ms
323ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=2243762241472732&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2Cc6ad126d-0294-4c4f-971c-66d5792c47ea&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=8&didk=3741431232&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4e2dffb6d36e5d39%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MbswAB-O_wrCVnLOEKPf6fg1cjzSw&gpic=UID%3D00000c6474544f02%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_Mbu6awXwCkN0Ot3B8rSi8cAjoPbkw&abxe=1&dt=1692473975828&lmt=1692464869&adxs=262&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=1076x296&msz=1076x296&fws=0&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcY_8S9-qAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRiAxb36oDFIAFICCGoSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnFvfqgMUgAUgIIag..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D86&adks=353029019&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

236ffa5dd2b5ea53b0f376a6cc03092017118417ebf57e2251609115ef011f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43129
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 208C 222 KB
61 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 01:15:31 GMT
age: 411844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 01:15:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 208C 15 KB
5 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 01:15:23 GMT
age: 411852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 01:15:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 208C 94 KB
29 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 15 Aug 2023 10:46:54 GMT
age: 377561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Aug 2024 10:46:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 208C 5 KB
2 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:11:00 GMT
age: 440915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:11:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 208C 40 KB
13 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Aug 2023 17:11:00 GMT
age: 440915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Aug 2024 17:11:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 208C 4 KB
1 KB 45ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 19:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:10:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 208C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 21:26:59 GMT
x-content-type-options: nosniff
server: cafe
age: 79956
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 19 Aug 2023 21:26:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 208C 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 21:40:34 GMT
x-content-type-options: nosniff
server: cafe
age: 79141
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 19 Aug 2023 21:40:34 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 24ms
24ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=2&r=kooora-lives.com_fluid_sq_25-7-ads&sy=75cbd19f-767c-4a81-94ac-08440fdad85d&ts=86&cd=2&pud=139&pus=c&pue=409&pid=21&pis=c&pie=430&ppd=57&pps=a&ppe=466&pcl=323&ttc=583&tti=1189&ttif=0&lca=466&lcak=ppe&lct=466&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=51b3b78a-04e4-4d71-8b54-4b3a64198437&e=lm&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0d6d008fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 108ms
108ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0d6d078fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&sn=3&ific=false&e=iar2&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:35 GMT
cf-cache-status: HIT
age: 893437
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0d6d098fdc-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 972 B
494 B 267ms
266ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588273458684202&correlator=2811889916838182&eid=31077195%2C44799390%2C31070232&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=44890869%3A22853861021%2Cca-pub-3831894559014614-tag%2C83819793-3917-48a8-9672-8f7946ad381b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&didk=3448708090&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D966c1ba7feebae0d%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MboO5asAOC3pigNZ2r9tIY62dyENA&gpic=UID%3D00000c6474e593a5%3AT%3D1692473975%3ART%3D1692473975%3AS%3DALNI_MY4hhz7LInkw_2qp0GizuH6QIA9Tg&abxe=1&dt=1692473975907&lmt=1692464869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1548034886.1692473975&ga_sid=1692473975&ga_hid=139209392&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYqcS9-qAxSABSAghkEhkKCnB1YmNpZC5vcmcY_8S9-qAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKnEvfqgMUgAUgIIZBIXCghydGJob3VzZRiAxb36oDFIAFICCGoSGQoKdWlkYXBpLmNvbRipxL36oDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKnFvfqgMUgAUgIIag..&dlt=1692473974977&idt=321&prev_scp=ti%3D51b3b78a-04e4-4d71-8b54-4b3a64198437%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D86&adks=1594324048&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f7a6857947fe0887882801e182840ab7ea792dd7cc467019592cccc53eac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 464
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kooora-lives.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4087420896472347600/ Frame 208C 13 KB
13 KB 78ms
78ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4087420896472347600/14763004658117789537?w=600&h=314

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df45363153f65a586eee11cd8cc5bad2ad47e7827d7dd237415c9884fdc943a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12890
x-xss-protection: 0
last-modified: Fri, 12 May 2023 12:43:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 19:39:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2012689837100650280/ Frame 208C 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2012689837100650280/14763004658117789537?w=100&h=100

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f38565d0f0de8ca571bb76952d499ced5a8a1d2d274f9c8763787e0b994f0524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 06:31:34 GMT
x-content-type-options: nosniff
age: 392881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6756
x-xss-protection: 0
last-modified: Tue, 02 May 2023 12:34:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 06:31:34 GMT

GET
DATA 200
OK truncated
/ Frame 208C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edc9ebd1966eca1cd53021980ed445f8847d31a55ed2caf4b1b402dfe36819d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03B9 0
0 105ms
105ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=588273458684202&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 208C 16 KB
16 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora-lives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 353601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 208C 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kooora-lives.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 250279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7DD2 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3nSYjQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72B3 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:35 GMT
expires: Sun, 18 Aug 2024 19:39:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.265375018119812&ds=true&e=wdp&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0e4e018fdc-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 18ms
17ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora-lives.com_auto_728x90_sticky_display_bottom&sy=75cbd19f-767c-4a81-94ac-08440fdad85d&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=51b3b78a-04e4-4d71-8b54-4b3a64198437&e=lm&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0e5e098fdc-FRA

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 72B3 80 KB
33 KB 143ms
16ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d217af9105d69f82cd5e29239c0caea643aa9af6854a7ed32da9452a9634ec0

Request headers

Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
Origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 17:14:29 GMT
vary: Accept-Encoding
x-azure-ref: 20230819T193936Z-rdhfatsgnp7et8zrf8gzuqqavn000000032000000000wr4r
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3b728dc5-901e-008a-066d-d033fe000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 72B3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0ca8c09f-451e-4c81-bdd0-82b2c165518f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e9e780-606c-43b4-a76...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=5baf4c50cfa04393a1c11be629947694&SNR=1&GV=2&med=10

0
544 B

64ms
63ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=5baf4c50cfa04393a1c11be629947694&SNR=1&GV=2&med=10
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3702228ABCE040CC995820A98690A313 Ref B: FRAEDGE1409 Ref C: 2023-08-19T19:39:36Z
x-cdn-traceid: 0.9ea12417.1692473976.17139c6e
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 19 Aug 2023 19:39:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B68E872AD2D4437BB593D02ECFE7B69 Ref B: MIL30EDGE1122 Ref C: 2023-08-19T19:39:36Z
x-cdn-traceid: 0.9ea12417.1692473976.17139b7d
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(16-0)?&RG=5baf4c50cfa04393a1c11be629947694&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 156
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 72B3 80 KB
28 KB 47ms
6ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires: Wed, 10 Jul 2024 11:56:20 GMT
Date: Sat, 19 Aug 2023 19:39:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 3397396
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21944-LGA, cache-fra-eddf8230050-FRA
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
X-Timer: S1692473976.142789,VS0,VE0
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 5, 697379

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 72B3 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 72B3 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 72B3 0
0 15ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8F7cSPScK5RW7mQLbAbHNKu85P41vZedDXn2ZG4sXO-oo4wGYNa-xGLR-dlMoanq3XgEpv24v_O0KknQ52M9soe-hFQ
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 72B3 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 18 Aug 2024 13:49:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72B3 180 KB
57 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 208C 0
0 54ms
52ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQlB3dxrhZLiTGq2PjuwPr6G3iAKIscOAcqvB3f--EY7WhZKMDhABIJWbyiFgleKQgqAHoAHv1fWxKcgBCeACAKgDAcgDCqoEwgJP0AvElzEevvjH1v3MjwoPXq7yQbys1O6x0OO82UhzQw7Rew9TuKT05tRRAQfTCwUW0by9B1b8qMxjQblIOm6qc_ivliu5WPmnxRaLVhotWfHrilhYihoyyzP45jStjHN4th7zPiHKY60CFTnknNFKcLW8ESy4TsTghGt0AAGqsF7zVybqwEovskSLQqqFOtrMhAka3sQ_lFvWPaQV65EGWw0zrAwaTrfYWsoFqMUBXPpCqDplY70eiYv-Ooo1iEgkA7gCNVe7CcpzMlPwunaU6d9FyzUzMJm3u66XMmG3FlBWQsJyI97aKrYnXXS4JpyaElV9MJ_U4PwZYSbmtUFcbszaUKKd6jVQTnmsy49GD_LRFs5uwgGNsf3tM_W8okEcm7MO_t2_VDrm2b__fnzwhuFZQBqpaY4ka33174NjMHFTwAT2hsLnuQTgBAGSBQQIBBgBkgUECAUYBKAGLoAH743GkQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDylg7SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmtAWh0dHBzOi8vd3d3LmhlbHB3aXJlLmNvbS9hcnRpY2xlcz9jb250PWhmMyZxPXBlcmZvcm1hbmNlK3Jldmlldytzb2Z0d2FyZSZzcmM9bWcmZ2NoPVQwMDAwNTA0JnZpc2l0b3JfaWQ9e2djbGlkfV9fX19rb29vcmEtbGl2ZXMuY29tJmxpbmtfa2V5PWFlN2M0ZTM4MTZkM2ZlNzJhY2ZlNDMyZmE5NzgzZTJmgAoDyAsBuBPkA9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=B8VlrlvfaK8&uach_m=[]&ase=2&cid=CAQSTABpAlJW5M15rtAbrxvNYaK1Df3cAF9Tooqgp_A9WVJ4Ppdekxh6ep7eQW2C-_znEcDgtcdlvxoBd7DbUxGveOL_fYWmpJKZ7v4v6jEYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_auto_interstitial_desktop&e=nai&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0f1ecf8fdc-FRA

GET
H3 200 container.html Show response
ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3C3 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:35 GMT
expires: Sun, 18 Aug 2024 19:39:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kooora-lives.com_fluid_sq_25-7-ads&pn=2&sn=3&pc=0.4836135387420655&ds=true&e=wdp&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0f4ef08fdc-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 14ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kooora-lives.com_fluid_sq_25-7-ads&sy=75cbd19f-767c-4a81-94ac-08440fdad85d&ts=86&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=kooora-lives.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=51b3b78a-04e4-4d71-8b54-4b3a64198437&e=lm&dsReferer=a29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.13.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nf-request-id: 01H6W2K5X02WA91Z8JPREG3PRY
date: Sat, 19 Aug 2023 19:39:36 GMT
cf-cache-status: HIT
age: 893438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "545852e4b58a0ecff618993a297ee53b-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7f94dd0f4ef38fdc-FRA

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame A3C3 9 KB
4 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame A3C3 11 KB
5 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A3C3 14 KB
1 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:07:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A3C3 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame A3C3 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A3C3 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A3C3 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A3C3 0
0 15ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQvPcwfcwhgacKg0oPPxSVg4676o3ksG8axYE6C7mJZKHCf0dnuMdPlXKmos7xoO9NiJmrz91DKGAhqr7A04J6DKTfGQ
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3C3 180 KB
56 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame A3C3 35 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H3 200 th
www.bing.com/ Frame 72B3 5 KB
5 KB 19ms
18ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215681733567_1OPX7YLQRKINJLK5IH&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=200&h=105&qlt=90
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bf6d9263f976f528370f48dd981aba46b1dfe41ec61b999ef59025f8fadc38e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ea12417.1692473976.17139d3b
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4743
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 72B3 0
532 B 52ms
13ms Script
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england&e=wqT_3QKxBOgxAgAAAwDWAAUBCPe0hKcGELrh3peQmfbxfBgAKjYJeBcRcfIBvD8RSUKYP9kquz8ZAAAA4KNw9T8hSQ0SACkRJNAxAAAAoHA92j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjI8gWAAQGKAQNVU0SSAQEG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCaGh0dHBzOi8va29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEJQ9YiAUBmAUAoAWn-u25y52l-QrABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBf1R-gUECAAQAJAGAJgGALgGAMEGASA0AADwP9AGwo0E2gYWChAJEhkBAYpg4AYB8gYCCACABwGIBwCgBwHIB8jyBdIHDRVkASYI2gcGAV6AGADgBwDqBwIIAPAHh-MCiggCEACVCAAAgD-YCAHACPAG&s=43f438c6b0019de655605306e89fdd00c7bec76c&bdref=https%3A%2F%2Fkooora-lives.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fkooora-lives.com%2F,https%3A%2F%2Fab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
an-x-request-uuid: 24451862-e3ba-467a-a847-78d1c2793ae0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0232 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A061 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A3C3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 219b983fad698d972f3e089eb4392d2f024bf6b89e5b5eb14bad6afd00fa6b52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A3C3 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 311108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C6B 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 72B3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d36510ca693d2c867f9ba89a6bbf6187ab5b297c4c777868308a667efbe5d45d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame A061 35 B
465 B 28ms
10ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECaiBKmEl6vhvGJHw02AlMg&google_cver=1&google_push=AXcoOmSf1gyr2qjFew63cdOBYpo1ZvA_sB6D09kVYemPxc_icNZolMO5Vpei1UeevOijdwTaWYHXetwnTwaAmO-HG9Tgmj8eYL26

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A061
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED8vhCWZQ8Bg9lqnQm_EKsw&google_cver=1&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6H...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6HiThus&google_hm=eS1yY19fQUs1RTJwRVhweG...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6HiThus&google_hm=eS1yY19fQUs1RTJwRVhweGpzNGRhZkxOZWVfaHM0ZzZPY35B

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-r4rd8sZ4kd1i57FcIM4_hLXC02iqOKvnFh27JvTSOvIFkyEX-XcDYsTS3iS8XaRENhq-v6-G8Lghh3onR3Kbs6HiThus&google_hm=eS1yY19fQUs1RTJwRVhweGpzNGRhZkxOZWVfaHM0ZzZPY35B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A061
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_hm=ZOEaeG6LCgLAoqYZCtxv7QAAFIUAAAIB&google_nid=index&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinri...

170 B
329 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_hm=ZOEaeG6LCgLAoqYZCtxv7QAAFIUAAAIB&google_nid=index&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinric_hpaTpECon4Onan5uuBWnkgBKLMwVT2L3XwY4pw-mdPj7_ETydHkrI9ccU-Z4

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 19:39:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENc_ucp34wV5DH12am_WSx8&google_hm=ZOEaeG6LCgLAoqYZCtxv7QAAFIUAAAIB&google_nid=index&google_push=AXcoOmTlrNCE_tJIGkpPMUEhBI3ZC60Cxinric_hpaTpECon4Onan5uuBWnkgBKLMwVT2L3XwY4pw-mdPj7_ETydHkrI9ccU-Z4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame A061 43 B
199 B 126ms
30ms Image
image/gif 54.247.148.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEMva25ydNAqtvP4tb2Hq_oY&google_cver=1&google_push=AXcoOmSaZGFb3OtMtPld2ZUrIleHErSaxrA9qVopO6NJwbwhSmEKrjfbvavIuLCWSLI1D_L8D59s-m5te4K-44X6jP5zTthXcohG
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.247.148.218 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 19:39:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame A061 0
134 B 425ms
98ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHYG6X0ovWqd61RkUYyxun8&google_cver=1&google_push=AXcoOmR9wwYqk3qN_cHoRqbDL5k3Tsvjg01SbtbwF7RH6UH-vBRy4pQu88NIfF0Y7TY6F9RdSMFs3OaNGAyuY0BvcppFN8942VIB
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 19:39:36 GMT
server: CookieSync Server
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A061
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEIJRib4HTM5fGcXb503lMvU&google_cver=1&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfX...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfXBrfTa3w4wURhza537Uwip4yHexkeLfxQ1qZnT73FuWK&google_hm=QlMuOTA2YS0yNWY2LT...

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfXBrfTa3w4wURhza537Uwip4yHexkeLfxQ1qZnT73FuWK&google_hm=QlMuOTA2YS0yNWY2LTRjOWQtODY5Ng==

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTAmY4oWjiut08RvzCBy_8uEWK1-VMtfmvvH-7qqk6_jO_xQwcfXBrfTa3w4wURhza537Uwip4yHexkeLfxQ1qZnT73FuWK&google_hm=QlMuOTA2YS0yNWY2LTRjOWQtODY5Ng==
Date: Sat, 19 Aug 2023 19:39:36 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A061
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEGMSjUfSjtd-ISAQmkZwc_4&google_cver=1&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7l...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7lnsM88c42z_CvBm-D51Jf7HK8TrH_JCUbD

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7lnsM88c42z_CvBm-D51Jf7HK8TrH_JCUbD

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 19 Aug 2023 19:39:36 GMT
X-Bytefaas-Request-Id: 20230819193936DF9321C9E679C355D8C4
x-tt-trace-tag: id=00;cdn-cache=miss
Connection: keep-alive
server-timing: inner; dur=4
Content-Length: 0
Server: nginx
X-Tt-Logid: 20230819193936DF9321C9E679C355D8C4
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeNTw8ttw-j4dVJiutdsWf3G2bpsxdQzAl1A0Tafn9Q6FAWLZgpcXIoN-ZM7lnsM88c42z_CvBm-D51Jf7HK8TrH_JCUbD
X-Bytefaas-Execution-Duration: 3.24
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0100825f2de55336f17e5f56eeb3099817cbef04932b6313288688f970254be66002e257fce59aea62d9a6cbadb3882fb1cd5147cf07124a7a678b00579e6218356cef2c8111742e00ebc365673bc9b7b2
Access-Control-Allow-Headers: *

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A061 0
130 B 37ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUNk4dhyUZJU36QNmLV5yRFz5d9C0RJamwRg68S6u0HPqCvl2Iq6n5-l2cdC2D7Y3-zCjElVA

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 154 KB
52 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06720a9d1b634c298d3bdc94f445e04b3c8b5e1453b9d4e4d72fa456bc05fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53688
x-xss-protection: 0
server: cafe
etag: 7722200379230020171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
105ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=2%2C3%2C4&c=ca-pub-9665057421136574&eid=44759876%2C44759927%2C44759837%2C31077148%2C42531706%2C44799579%2C44798322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 72B3 0
580 B 18ms
17ms Ping
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england&e=wqT_3QLEB-jEAwAAAwDWAAUBCPe0hKcGELrh3peQmfbxfBgAKjYJeBcRcfIBvD8RSUKYP9kquz8ZAAAA4KNw9T8hSQ0SACkRJNAxAAAAoHA92j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjI8gWAAQGKAQNVU0SSAQEG9D8DmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCaGh0dHBzOi8va29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kgAMAiAMBkAMAmAMJoAMBqgOTAwqtAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4OTk5Mjc0ODM4MjY2MTk2MTU0IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STNOelF5TWpRek5qTTVORGNqTnpJM056UTJOelU1TWpZMU5UWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFp_rtucudpfkKwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_VH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfI8gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=b2e494a107c136f26aeabc15e0640734649f3b44&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=2121311991719058985&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
an-x-request-uuid: eabdd37f-767d-4ea0-a9dc-07b3e42a7dca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 56ms
41ms Preflight
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CiYJEdxrhZO_7NozM3gPllJOQBdCK9bdyzM6958oRZBABIJWbyiFgleKQgqAHoAHzj_upKcgBAakCPZodL7Y9sj7gAgCoAwHIA8sEqgTFAk_QwWQW6FNnUdTADkRNhU1LP44eQOx7w8Z13phFahthfSagER7Fg5FafO0UOqkuHsaX1WXvhtDkTshqVM34zIwwBzmZWQlqApwglrSB_Df75m3enUF88ibb93NhNw2i5T0Onbns6bPi-us7kfkAEbFPZoit4zaGo-tlMCDstpdPwic5ukP3mkmmLsyPyabYrXoBQ2_wslJOfQoOLWT9b8FRzcPtkeBrhBOXBE9DkF9XVim0K39_DNUVrrkJOKudQ20w1RVEErlpOxuYiYTxfBokvlQdcTvoyYO_X8tZ88P_Nt2vvLRlTM0DeRsuPrdodsxAxwTodjE6XMF59G3HczU5cyg9BoKf4M9jhh8QDn126rPJUFRHIUnDzc8iB9eAvWc_wNkvB2x-Fk5VPOTxaZKUU5fDIcGbX58ymcIGiHHclJirlTbABLX2gb2tBOAEAZIFBAgEGAGSBQQIBRgEgAfzx8uJBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELPtBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCdMCaHR0cHM6Ly9kZS5zaG9mYXN0LmNvbS9kc3I_cT1DbG91ZCUyMENvbnRhY3QlMjBDZW50ZXImYXNpZD16bXdfY2g0MTcmZGU9YyZzY2xpZD0wLTI0MDE1JmdjbGlkPXtnY2xpZH0mcmFjPUNsb3VkJTIwQ29udGFjdCUyMENlbnRlciZ0ZXJtcz1HZW5lc3lzK0Nsb3VkK0NvbnRhY3QrQ2VudGVyJTJDQmVzdCtDbG91ZCtDb250YWN0K0NlbnRlciUyQ2Nsb3VkK2NvbnRhY3QrY2VudGVyK2FzK2Erc2VydmljZSUyQ29yYWNsZStzZXJ2aWNlK2Nsb3VkK2NvbnRhY3QrY2VudGVyJTJDY2xvdWQrY29udGFjdCtjZW50ZXIrcHJvdmlkZXJzJTJDY2xvdWQrYmFzZWQrY29udGFjdCtjZW50ZXIrc29sdXRpb25zgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=zCGWQN1QAGw&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWbvqB5TkYJPSlWwtN-ceY6jyiQAOzapeYsmrnQ62QmZitmAJc-583mgFi-w9EvXUzbDh928dcGAE&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 19:39:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A3C3
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CiYJEdxrhZO_7NozM3gPllJOQBdCK9bdyzM6958oRZBABIJWbyiFgleKQgqAHoAHzj_upKcgBAakCPZodL7Y9sj7gAgCoAwHIA8sEqgTFAk_QwWQW6FNnUdTADkRNhU1LP44eQOx7w8Z1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223263797952906220319%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...

0
0

61ms
43ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223263797952906220319%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212786132638851012337%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3263797952906220319","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"12786132638851012337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 19:39:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 19:39:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3263797952906220319","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"12786132638851012337"}&andc=true
access-control-allow-origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0232
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
14ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:36 GMT
expires: Sat, 19 Aug 2023 19:39:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 492B 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:14:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 72B3 0
0 53ms
53ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyM_jdxrhZInuKuCQjuwPi_OT4AHS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgTpAk_Q7_ue--9FT13W4cbDPvBdsYeeso6gxrusg3s69wKKdWuQBpjvm7wJQIV7whLovT_Yzc42Nepdf0DL_-EkBbkpBWyEjNVBEG9aRQKE5jNS1S98GbFU6_jgzwNFG6sAsQhL0mGw8hPUtkrExEOKciiQtqy5dGmOquekz67byuVJJUjQYXkJPDMnZmzZSaSRZD2LEDHqnLKOp5yTQZOCp_dF2U89vIYGQJmFuzGeDERDRr-0H1TJJQXFHaiGkVjrI6t7rNjDqCivLC0ubec_5gZKN5ZGURL7IuhBAqR2oqNaRhTA0ZTfA0yxt0DJHeQhuYqDALoOlPpKLok1R6l-fmAIwiVJhHIfbEK4ye7f0WXsJ6YaZuHOpg1FRjQU7kt5i2UP20iOJRsCMpejetrjvUgbakNIMDlkW9cD4Jv0EfrIFRX3I_kFtZvCaFscYdB2YWZ791lurjrdCxqJI7-A4yEnvJWwKupWz93gBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=5jR0EQqQS1U&uach_m=[UACH]&cid=CAQSOwBpAlJW_giqiybb28VzXTGNAlM-w-EKC9-UVkmPsRw8X_1r-2GesRieelnG0hkrhnvOkiMN69RPDxzbGAE&cbvp=2&vis=1
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 72B3 0
531 B 13ms
13ms Image
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england&e=wqT_3QLEB-jEAwAAAwDWAAUBCPe0hKcGELrh3peQmfbxfBgAKjYJeBcRcfIBvD8RSUKYP9kquz8ZAAAA4KNw9T8hSQ0SACkRJNAxAAAAoHA92j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjI8gWAAQGKAQNVU0SSAQEG9D8DmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCaGh0dHBzOi8va29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kgAMAiAMBkAMAmAMJoAMBqgOTAwqtAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4OTk5Mjc0ODM4MjY2MTk2MTU0IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STNOelF5TWpRek5qTTVORGNqTnpJM056UTJOelU1TWpZMU5UWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFp_rtucudpfkKwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_VH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfI8gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=b2e494a107c136f26aeabc15e0640734649f3b44&pp=ZOEadwAKtwkHg4hgAAT5i59-t0Ww5gEXP41ZRw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-QgQdxrhZInuKuCQjuwPi_OT4AHS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgTsAk_Q7_ue--9FT13W4cbDPvBdsYeeso6gxrusg3s69wKKdWuQBpjvm7wJQIV7whLovT_Yzc42Nepdf0DL_-EkBbkpBWyEjNVBEG9aRQKE5jNS1S98GbFU6_jgzwNFG6sAsQhL0mGw8hPUtkrExEOKciiQtqy5dGmOquekz67byuVJJUjQYXkJPDMnZmzZSaSRZD2LEDHqnLKOp5yTQZOCp_dF2U89vIYGQJmFuzGeDERDRr-0H1TJJQXFHaiGkVjrI6t7rNjDqCivLC0ubec_5gZKN5ZGURL7IuhBAqR2oqNaRhTA0ZTfA0yxt0DJHeQhuYqDALoOlPpKLok1R6l-fmAIwiVJhHIfbEK4ye7f0WXsJ6YaZuHOpg1FRjQU7kt5i2UP20iOJRsCMpejetrjvUgbakNIMDlkW9cD4Jv0EfrIFRX3YfskJ1lmkjaIm6TD_z__QV1NpL7UJQJQgTnZZ52nlrmo6mu0oknVhLLgBAGABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2j9z0FEd7DaDTfexUgm1mCxFYjtw%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
an-x-request-uuid: 77695948-dbb5-4c8e-8e89-7e67eb26bc9a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3C6B 70 B
265 B 96ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENEuXgx0GeTRJ6xhrAkaA7w&google_cver=1&google_push=AXcoOmTjr6Iv8_3TGmgiqHSX6gLMkmBEoPmgmoxUk9lJ0jMkbXLdk558hDuY_QBs3X3VYA6r9uToug7tkiUhSobkXzW3Do41FMSf
Requested by: Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C6B
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEBYUtZtCaqX-SrWnLANbo0o&google_cver=1&google_push=AXcoOmQx53cWOvklhBRw8mDsd5tQsPUemedfMqMTSw-gKsGf4gdLg6ey9TxxvZ59aKhLfstUQDunuNv1qt6S6zChkT7J6oGfRJo
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0M2OTIzQzhCMUZCNURFRg==

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0M2OTIzQzhCMUZCNURFRg==

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Q0M2OTIzQzhCMUZCNURFRg==
date: Sat, 19 Aug 2023 19:39:36 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C6B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDMydrAKQvpSkrjNEZ45eVk&google_cver=1&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sA...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTEyMDM3NjI2NTQzOTM5Mg%3D%3D&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sAyXhe...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTEyMDM3NjI2NTQzOTM5Mg%3D%3D&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sAyXhe0EDkwuZzo

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTEyMDM3NjI2NTQzOTM5Mg%3D%3D&google_push=AXcoOmREMyjeAZ8CzLuF8ntWXyjGrLJOra_yroLrwHvHTTcyB3DExlxxwWCInW6zYThCQkP6mgrcZ0LIaGb3sAyXhe0EDkwuZzo
Date: Sat, 19 Aug 2023 19:39:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C6B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJrawe7VgTTjnC9npbFmuc&google_cver=1&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9s...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9secba7&google_hm=eS11a2tLZVhGRTJwR0lvWm...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9secba7&google_hm=eS11a2tLZVhGRTJwR0lvWmptUFhFMHVsaDZEajhERkxJVn5B

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXNTPsZ0Ix7a_O7LwaDDRHJmc6CTsuwVdqpRMSg3LM_TJWi7Fm9NHgim2XjOOHDY2za0OasSZASgG6WiFpzENOf9secba7&google_hm=eS11a2tLZVhGRTJwR0lvWmptUFhFMHVsaDZEajhERkxJVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C6B
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEIalJXsp9nS7_RZDSvPA9zg&c_param1=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTNSXQCdJaBBSaQFc-xW3sQ0CYz0Sk61rP2tq-MyfPocvV1vWyy0l8lcuEZ9eUH6iwmfoD41qbzUBasqlTXMK9AUDMs3_g
date: Sat, 19 Aug 2023 19:39:36 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C6B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGM3KzjIDzYnwPYuqBhNsHI&google_cver=1&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGM3KzjIDzYnwPYuqBhNsHI&google_cver=1&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3sNxOkNjSwLIHcYp3XuYu

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRVPQxk01BsKxcLWw0cPtId9rSoHunvvF4J5scPrW87l0aUakfLAkPgQonD4-kp0kBLq4Z_o3t3sNxOkNjSwLIHcYp3XuYu
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 3C6B
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEE67pgEeoj2I-8pS_PZ8y_M&google_cver=1&google_push=AXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuAmtSEWiWmG_ZfJ69B-SKlt8vhhx-ypgNd3lXexVgxckQGTWrrN0IX
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuA...

43 B
1 KB

22ms
7ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuAmtSEWiWmG_ZfJ69B-SKlt8vhhx-ypgNd3lXexVgxckQGTWrrN0IX

Protocol

HTTP/1.1

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSeKQVGyG5mneUrXxT01EfEb7Aw1eKsqebZ4WEA1WuAmtSEWiWmG_ZfJ69B-SKlt8vhhx-ypgNd3lXexVgxckQGTWrrN0IX
x-download-options: noopen
vary: Accept
content-length: 271
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C6B 0
40 B 15ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSlW89Wh0NZaRs-OSD65InBFPwq2sCpjhqzHMq2f6i-RC6krnJZ0LtDmnkdnhvnoXp_7wVfQ

Requested by

Host: ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
URL: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 105ms
105ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=2%2C3%2C4&c=ca-pub-9665057421136574&eid=44759876%2C44759927%2C44759837%2C31077148%2C42531706%2C44799579%2C44798322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame CCA6 10 KB
4 KB 13ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame EFED 10 KB
4 KB 13ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 26A1 10 KB
4 KB 12ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora-lives.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 154ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 19:39:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 111ms
111ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=588273458684202&bg=!TU6lThrNAAZGPLJIZjw7ADkAdvg8WmhJE9M2r9su7wjE-4OEJH-3MKkSYMTSdmsmo3PNeKS5F1lyRDhTBMfV8_oelIFAwfxlFygCAAABM1IAAAAHaAEHmQLCCnBo8uh_8CTFL3gaC4iTsw9iSTDiCZNjYjEjCNbNfbzKcHkArjmJWRtnfawNQXZALgFk7Xx5VR1Gdb4fzEhZUr9cyZlIhXLjf2gnRwQDsriOWtoD83OgBJtNvAC8Td7iLb4x8NA2mqMGKVCqu9oix2_qFwRTrzrN1EHCI5mgN-YXaNKCdiKAJ6X7KrqSzFXg3ArzE9Z3jm3q65ByDV4jxJTfuAuxHxlw9UWrRsfyqyvmBswZl9rqrAQl4-4x6C5aYPzmzAA5ktYbj3jA5CgFOkh9XQUc_mdIgY2bHv1YLyQMZ4ToWK5CzB3G5oT5sXjvumD4xUF0wfi0JJBLNrdnc0woxH2P0Ef_72M4tjX3QP7y7VQtqWCx-Wqlyy96XDDPHW6W9xeJ_c_ZccQaEkS-o9_0ckNzC6X0YMHCt8Zb-pZITgaVTbqbamwDGuPnykJfTzKmx-pbzxd6ktiXWcsQX5UTsFkonbewoTqA1dFVCw5dOxjVa5kIgITqNjzt0_no3aXw2ppdzUco5F0RevYX7CuFllxR1WLf55gl0holrYIvIhvhrKltNadHPOalGisMfmWsSw657iUNS1L5Q9w93jM8jHa7aFaWoL5WnhdEMjFEAIr-sHJd4UVSK1upfZeCeDJFCd7YaEbHpLKH3qSV716F3tjvnBG1GWE5ZU2pi7vrSzx1w2mod8ZPWEDoOPIhYMUoaovf23ATd4zBJht9RCtbxnWcM9YmytWW76cnZuPQhWFvU7EsesV0T2uiP157b6qdo0pEW_1VQR7BgU0Sjvpa0dcgVY3kX71HYEbRMjXslG__U_ZgzNxWZBvv7ybLTpgPKh6TiJKEpNPcE4684tUDaMPZJrC0qyHGvgsBTMTgsU3-F4BDPRRXw0gikIytLW3yda3o0prtapsgy20LhTfORhifUzi333sqgVQe5zymIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame CCA6 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4A2 143 B
166 B 10ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CCA6 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 189C 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CCA6 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 200 14581985908512972729
tpc.googlesyndication.com/simgad/ Frame CCA6 18 KB
18 KB 10ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14581985908512972729?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbZJN8I6o2SQ_TuR0Sj2dzmPGaCA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdbfef28665248e82519f3a8e6f6770702c1e8d19eab4301988395af8e2fc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 22:02:09 GMT
x-content-type-options: nosniff
age: 423447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18706
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 14:19:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 22:02:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CCA6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOC5X26LiuFy8jHe5ftTKrPKAvVTGafhTW_gskgw5_3GA_BgCd_MXRtEOqUo30YGjyGoaQnmD27pB-7C7VdTfeG7-dfw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCA6 180 KB
56 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CCA6 35 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 15:02:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFED 14 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:07:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame EFED 2 KB
892 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame EFED 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame EFED 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 32CE 1 KB
643 B 13ms
12ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame EFED 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EFED 0
0 23ms
23ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR02HO9mlkHWhNW8qr3UDLyUZkrFHkdLBujC1acdUs1k-PZ2gUDcTgo7JBhaSwpMm-NiLjIGANIdgEacTvGM9LUjNAWZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFED 180 KB
56 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame EFED 35 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 26A1 14 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:12:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 26A1 2 KB
892 B 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 26A1 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 26A1 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C18 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:04:50 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 09:04:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 26A1 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 26A1 0
0 15ms
15ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUxlwldC6Q6B87jnIUgqn6q1wO9RQtF7TLMqXB3H_xdJ_sBkV3bucLXXDQhR8mFBNPWaM1VOD3Xjr6ohRY3j-N-cvtCw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26A1 180 KB
56 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 19:39:36 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 26A1 35 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 189C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWCbr-7c4-1zsVhoJt-SSQ&google_cver=1&google_push=AXcoOmRISXoGpWUtNODEs1hOdzcj1tufQGkyh3cCRmJxk5EideMtefhsFNUTQN4QrEaV9iL6Lt6d5rYaw_H0P53xMnsHqdqu2FbxBw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkzMTg1MjQ0MDIxMzg4NDM2MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1

43 B
398 B

83ms
41ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 189C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECaiBKmEl6vhvGJHw02AlMg&google_cver=1&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gI...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gIbiHCaHDHF0v4BVQsVtmSCGP2BxyPVM8KCsZWiSUnsR&google_hm=ri9yrm889NYZ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gIbiHCaHDHF0v4BVQsVtmSCGP2BxyPVM8KCsZWiSUnsR&google_hm=ri9yrm889NYZCim4B_fZRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSnLNW7SZNP3GFCat0SFqyMtoaMYqiZNt0HA2Sd13kM8mhXsDP7gIbiHCaHDHF0v4BVQsVtmSCGP2BxyPVM8KCsZWiSUnsR&google_hm=ri9yrm889NYZCim4B_fZRg
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 189C 70 B
264 B 33ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED2QJjf9Ty7jjVDEfMjGfLo&google_cver=1&google_push=AXcoOmQg42IwO1gPYvSYSxspeOVWvGOSACSMOmwI4WneUhwumZ-eRlaxNifk_fvxx0X3skgPHW-Tc5FlZIVLbwh8EtLt2JnZ6xdOhA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 189C 0
173 B 42ms
14ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKp0VNt7R7v77Z3CZJM9-0c&google_cver=1&google_push=AXcoOmRS6x7GAam3Z6ddxfsdvuPoaeRiEVf6_ZolZ64reQ56lYyYbAw-iWAYmDasMUgG7OrBNmes-AK21ZGKPfmDvo8cHh-lkoB7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 189C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEK7bKR6qVA2jbDQDqQSkOLA&google_cver=1&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeM...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEK7bKR6qVA2jbDQDqQSkOLA&google_cver=1&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSCpoahbW9d1njzhQSWcNgnncDuHepiR-6ARPrVzYxjsYEAcs2DaVc-WWjOaYsnXvN-f_boET5zjGpuWHOCKHHLWeMhbgjvHA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 189C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-kORCLWw5zRnTmn-DAqos&google_cver=1&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0akt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0a...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0aktO5B3KYHjrSoHnGsvzcbMiQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRgSPUs-2Cw_YDyNa9SUWq2zWucpc0QnSg983TUBmLIG-1JbfXdd5JHTO-7XU1G-T45osgF0aktO5B3KYHjrSoHnGsvzcbMiQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 189C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEND2QmbpQIm65aurGBXSaV0&google_cver=1&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkg...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkgnd8md8_zLUJuwMkPfw

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkgnd8md8_zLUJuwMkPfw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvIZaSxZKm0l9ZKUVTvFTLio426wewKlZqSzthLV3T8YXOiqN1GHIwSLRdNzARdKxD3tOi5-xdRKkgnd8md8_zLUJuwMkPfw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 189C 0
12 B 18ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOxJcZj917wkra8Yy0Blnz0CUu8ahZjy-AodaaY69nLzZaFqunQWFzrMhNd4ZstRQMo9r0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 32CE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWCbr-7c4-1zsVhoJt-SSQ&google_cver=1&google_push=AXcoOmTmUmNS7t_RTMPhvyUlwmDodsgj1JpCaxQsS2pLUGpYB6Oh5U6mdJcp7peFJUcnD3DH6O_3qebf1dGtMzYRlc5els67r-2wSA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMxMzMzMDQzMDA5MjQ3OTk0NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1

43 B
398 B

83ms
42ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaA-HACMQnLg7fQ2nm20vs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32CE
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECaiBKmEl6vhvGJHw02AlMg&google_cver=1&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHE...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHEE_t0SFR706GLe4HK_KDXfWekJT0_g5zOSdMSmuyHHDJQ&google_hm=ri9yrm889N...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHEE_t0SFR706GLe4HK_KDXfWekJT0_g5zOSdMSmuyHHDJQ&google_hm=ri9yrm889NYZCim4B_fZRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTCCE8h7aK-eyWGzOl4tJsgEc5lL0KccXBBptsZZjlQSaDluIMrHEE_t0SFR706GLe4HK_KDXfWekJT0_g5zOSdMSmuyHHDJQ&google_hm=ri9yrm889NYZCim4B_fZRg
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 32CE 0
104 B 99ms
25ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJJP3XzY54fpa7t9Ztg92Eg&google_cver=1&google_push=AXcoOmRRS39bud8XH3ngECwcZypsAXTfkrpD1XDEfTTN8C1Q6mApilvxhldgeGSGeUenXEHiY3iPOFd0vq1Ut6TswlX4U5iVhf1v
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 32CE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yW...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0...

43 B
424 B

184ms
173ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f94dd14f8e35b7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 663
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF1nDOGX0yLs2bM0gpYstm0&google_cver=1&google_push=AXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSq4pzDsXha3mUXD_n-ODif6QEzJbYqLRZzjo7QV7pBvPYVI0_I2BhCO3LOMjKGl7TebqKHz0stLGFGaJZvtLntDG4Cor0yWQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f94dd13c8035b7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 32CE 70 B
264 B 30ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED2QJjf9Ty7jjVDEfMjGfLo&google_cver=1&google_push=AXcoOmQxU6E3cnsc1jf4aKVSVBWSKY4znGpX7VDuwyIjyCYwRepAsaN__E8IjDhC_wmzi7ByskITeHAW6uke-MPIDSc5ROPZR0yANw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32CE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB-kORCLWw5zRnTmn-DAqos&google_cver=1&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FVnr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FV...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FVnrGbDzGubZjIFdCwGw5QS6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYyMzA5NzU5Nzg5NDk4NzE0OA&google_push=AXcoOmRXwDRjuvyapXwCtQalsPf1O-05sjTpAbQ9EYFhMCLE4VUC1zMZfZiv7PYvsLRHz8WZV--8FVnrGbDzGubZjIFdCwGw5QS6
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 32CE
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIQrOpwDdO8M...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5MRBoauKAmT0wwhXmcPIazxZnu141Aa-97E1-g6JD7yI6ycX8UKHa7z-Ek1m07ojG3DKEtluWjbm93JQhRFIblvGHEH6mK0c
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

83ms
81ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 19:39:37 GMT
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 32CE 0
12 B 16ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9Q0U3HmSgQV4jIxO71V2F-Q9O9hIqOWDP-SZnXhGmDfwsfNR6fpE4RlbcZ7Fmgu1AH-ZUrw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C18
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0Jkekl3YTcxUXhyTm01&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKx...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0Jkekl3YTcxUXhyTm01&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKxSCBmSUmOP8ukL2Dn7ybaIuhJ0wkbenXA7-BEV0H2IXwVKMtgkGhcrMm4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 19:39:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S0Jkekl3YTcxUXhyTm01&google_gid=CAESEDCS4fFxzL5ErALZUVFHhPQ&google_cver=1&google_push=AXcoOmSb0wtHaElThZtFk0dWW1gUlCzDjve6nN6QQKw5LKxSCBmSUmOP8ukL2Dn7ybaIuhJ0wkbenXA7-BEV0H2IXwVKMtgkGhcrMm4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C18
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFdHFcEzIIsYitzgD1Ea_Hw&google_cver=1&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2Se...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2SemeM5dxaAwU3qWf0

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2SemeM5dxaAwU3qWf0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 19 Aug 2023 19:39:36 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRkbf6A_LF06pkQokohFnIjauQW6-RFJmqqYUUmOrAe3YIObHnoAAYgv5yzDqPFLIEH4a_HvJaGsuHBL2SemeM5dxaAwU3qWf0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Aug 2023 19:39:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C18
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEINmMIaJVWr4ysPi4lw2_qQ&google_cver=1&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7qC58y-kz3lZNZbtg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AE5031A85CBD441D9FB66CBCA199EEFA&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AE5031A85CBD441D9FB66CBCA199EEFA&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7qC58y-kz3lZNZbtg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 19 Aug 2023 19:39:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AE5031A85CBD441D9FB66CBCA199EEFA&google_push=AXcoOmSCo4r1lIDWI2ivPKuUxB7IzYlnRVQJDkXTvVwnD_p7iw8KIvEl-2YJJKMzNNvzwv38MVnZy17KHjbbAb7qC58y-kz3lZNZbtg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 18 Aug 2023 19:39:36 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2C18 70 B
264 B 31ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED2QJjf9Ty7jjVDEfMjGfLo&google_cver=1&google_push=AXcoOmTaTfx10JyGX0ldRcTxX1xZWHvm25W_azSfSMoP53maS-FXP7J3GEnfu13fD4I4Zof0aFNQBgMv8PX-A7_bPhgk34HiBZijsg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 2C18 43 B
146 B 26ms
7ms Image
image/gif 35.156.56.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIPCvAWHC410tBTQujhYACg&google_cver=1&google_push=AXcoOmQtjc4xfhAd7ZQ0L4q9Jbne3lVKjKCR0UgwgeLdbfV6RAuYXeIQ1ddkCpCrTlqcqP3YEFiCfV7dZfCY4Ain-Gl_LXBPi6Gahw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.56.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-56-202.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C18
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEND2QmbpQIm65aurGBXSaV0&google_cver=1&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9P...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9Pm6GNli1I0eW-dP4yVA

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9Pm6GNli1I0eW-dP4yVA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQpmDSsvnLX56V4ypAUc3cckmmxFOv0eWRWmVNKRd9nzoI1L9non6RpaEeKlJnLy35eD2TXc6fByn9Pm6GNli1I0eW-dP4yVA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 2C18
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIQrOpwDdO8M...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSrQa6g8A5Ez3krHbfO0QklwC0JDu4eGUZoaQfIQYNPVHqRE3xAWKi9Vt_e0CdOyCeIAFyL3UJcAMKZbyx0MBqmHWGvKc9VrqJv
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

100ms
97ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 19:39:37 GMT
pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C18 0
12 B 16ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHCCFhm-vW85F4Tz4lo5eDVR8oQtiZcdxBAHfWcjMrS_Wlf-Dt5yD5GsAuzuyHIyUlVay2Bw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4A2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:36 GMT
expires: Sat, 19 Aug 2023 19:39:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 19:39:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11442605788750596262/ Frame EFED 20 KB
20 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11442605788750596262/14763004658117789537?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e71c480a63c62ff6d79b67c51c569c9e55f68a01160a91ae0efc2206f3106937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:59:07 GMT
x-content-type-options: nosniff
age: 394830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20671
x-xss-protection: 0
last-modified: Fri, 26 May 2023 13:58:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 05:59:07 GMT

GET
DATA 200
OK truncated
/ Frame EFED 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFED 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7594ebe696d725c760dff0624e5917d7aa7b38e72d120c939dc07da3a6360ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11442605788750596262/ Frame 26A1 20 KB
20 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11442605788750596262/14763004658117789537?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e71c480a63c62ff6d79b67c51c569c9e55f68a01160a91ae0efc2206f3106937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:59:07 GMT
x-content-type-options: nosniff
age: 394830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20671
x-xss-protection: 0
last-modified: Fri, 26 May 2023 13:58:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 05:59:07 GMT

GET
DATA 200
OK truncated
/ Frame 26A1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 26A1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 26A1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fd72e18c55b4c0b00c1838b47d8f0194b3734d27c4f9e526efb7d58c5e14912

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B72 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:14:28 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3445 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EFED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6EUodxrhZOXyL4GntgerxrzQA8Tpp6FynIy1n7oRZBABIMn9-npgleKQgqAHoAHO3fntA8gBCakCPZodL7Y9sj6oAwHIA8sEqgSjAk_QMC_WXAACN4DS886QVLhXW026YjykAzMY_Hum3NY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213138615661485885970%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_wi...

0
0

43ms
42ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213138615661485885970%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035890382%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229883042783820228721%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13138615661485885970","debug_reporting":true,"destination":"https://fliesen-boettiger.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035890382"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"9883042783820228721"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 19:39:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13138615661485885970","debug_reporting":true,"destination":"https://fliesen-boettiger.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035890382"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"9883042783820228721"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame ED6E 37 KB
14 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: kooora-lives.com
URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 26A1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQXVXdxrhZObyL4GntgerxrzQA8Tpp6FynIy1n7oRZBABIMn9-npgleKQgqAHoAHO3fntA8gBCakCPZodL7Y9sj6oAwHIA8sEqgSjAk_QWr2WYpgXz8YhKhZL_0A1JDMQkAFfblIXxCDzR-W...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215188427661841001305%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_wi...

0
0

44ms
44ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215188427661841001305%22,%22debug_reporting%22:true,%22destination%22:%22https://fliesen-boettiger.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221035890382%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210645650876479654721%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15188427661841001305","debug_reporting":true,"destination":"https://fliesen-boettiger.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035890382"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"10645650876479654721"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 19:39:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15188427661841001305","debug_reporting":true,"destination":"https://fliesen-boettiger.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1035890382"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"10645650876479654721"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 208C 42 B
64 B 111ms
111ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiLcgbLnF4eJ6DuVYPdnZCt9lRmODf7T1NEx2UchmN065Rl_GXw-mFfTwe7eMQAzB8b-wKTTShVau_V8HYH9IpHI_oWnsl7X5q7CaUSydcLJ1FWROBUz1pEuqexMFgIr6Sa5maQ3Il9gso&sai=AMfl-YT41SbINkI5gLqZrqOhB1HPDMkA_OYkOGLoqlT1yRKHzJWYlAlS4kNE8s56RLw4ovoEOpIl290Ubw9VBUun0VMmVuchlv_D5JMNzv2XHTKaOUvQi5xwfI7NUIAh0nRLQ10q5Hmh344b6q3bgg&sig=Cg0ArKJSzNHJM2zEVuKVEAE&cid=CAQSTABpAlJW5M15rtAbrxvNYaK1Df3cAF9Tooqgp_A9WVJ4Ppdekxh6ep7eQW2C-_znEcDgtcdlvxoBd7DbUxGveOL_fYWmpJKZ7v4v6jEYAQ&id=ampim&o=288,684&d=1024,300&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,0,1010,1010&tos=0,0,0,1010,0&tfs=205&tls=1215&g=100&h=100&tt=1215&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kooora-lives.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 19:39:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 19:39:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 72B3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0ca8c09f-451e-4c81-bdd0-82b2c165518f&bidId=1&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e9e780-606c-43b4-a76...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5baf4c50cfa04393a1c11be629947694&tids=1&med=10

0
18 B

62ms
62ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5baf4c50cfa04393a1c11be629947694&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B7B58F5484F494F967F4FC3F1BF3314 Ref B: FRAEDGE1920 Ref C: 2023-08-19T19:39:37Z
x-cdn-traceid: 0.9ea12417.1692473977.1713ae19
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 19 Aug 2023 19:39:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BD41330F44DD4CD5A98D3470331659CF Ref B: MIL30EDGE1307 Ref C: 2023-08-19T19:39:37Z
x-cdn-traceid: 0.9ea12417.1692473977.1713ab09
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5baf4c50cfa04393a1c11be629947694&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72B3 42 B
64 B 117ms
116ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLGLghO7fmkP3KFZEWm1DVimGN-ywuWAKKO_Vo1w_685soAYkUVMQnQbeCfC36i1E9qpnKiiu6w9JCLiCm892SSUDsGfZukHjCm7B8&sig=Cg0ArKJSzAls0brXs5bJEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3349416666&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692473976040&rpt=409&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A3C3 42 B
64 B 119ms
118ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvK2G496slu8vkDvyOurDO9PNZGzUHBM8YVLmfkpOxewabV7pAP6JEA2HGx5y-V6kAblzVtEQrIyZW-K_L0iQQm0YzgCYGwakyvvUWQMtgERSh-6bP8W5JlNI9rNdkvNdK4rqo_kZODghI&sai=AMfl-YRXDREkidZd4aeWl7IuV3nsM7Hawv-U7-bZ5Bg5vCqcxQQgfCtPsMOl47ZaD2vygD7k3M-_52PPEODahduG5z4ykAtUnSy_8vBtaMHanJRiLvEKa8K07yTaK5U&sig=Cg0ArKJSzEixpAx2qdLqEAE&cid=CAQSOwBpAlJWbvqB5TkYJPSlWwtN-ceY6jyiQAOzapeYsmrnQ62QmZitmAJc-583mgFi-w9EvXUzbDh928dcGAE&id=lidar2&mcvt=1000&p=100,288,400,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=353029019&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692473976197&rpt=299&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 72B3 0
580 B 13ms
13ms Ping
text/html 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fkooora-lives.com%2Fmatches%2Ftottenham-and-manchester-united-on-2023-08-19-in-premier-league-england&e=wqT_3QLEB-jEAwAAAwDWAAUBCPe0hKcGELrh3peQmfbxfBgAKjYJeBcRcfIBvD8RSUKYP9kquz8ZAAAA4KNw9T8hSQ0SACkRJNAxAAAAoHA92j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXjI8gWAAQGKAQNVU0SSAQEG9D8DmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCaGh0dHBzOi8va29vb3JhLWxpdmVzLmNvbS9tYXRjaGVzL3RvdHRlbmhhbS1hbmQtbWFuY2hlc3Rlci11bml0ZWQtb24tMjAyMy0wOC0xOS1pbi1wcmVtaWVyLWxlYWd1ZS1lbmdsYW5kgAMAiAMBkAMAmAMJoAMBqgOTAwqtAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTY5ZTllNzgwLTYwNmMtNDNiNC1hNzYyLTQ5MmRmMzFlMjA4MSZydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4OTk5Mjc0ODM4MjY2MTk2MTU0IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56STNOelF5TWpRek5qTTVORGNqTnpJM056UTJOelU1TWpZMU5UWT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFp_rtucudpfkKwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_VH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfI8gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBg..&s=b2e494a107c136f26aeabc15e0640734649f3b44&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=2121311991719058985&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:37 GMT
an-x-request-uuid: c519a1a8-5814-4b10-a7b9-b7b0dd3eae39
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EFED 42 B
64 B 119ms
119ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZtFNG-wbOgiE5-GuNL2cKduiwoIN3xhSlfWATWzPUmEPSt5sEaq4EpVIBF14UHqirPlJS9JOZ557p-upSR3YVTOOyuQxXDl-sVfMWo3z8QkdSvKNuDBKUXG8HdUWdltIs3B2e_afcoryA&sai=AMfl-YRIaiCpemU5ZRVn_vykF1rV76iCe3gIkKgo8-G4JaC0zSoSih-FcJHCkDdUJp7U5kVzmgYwMedW-mdF_TEDKpQd4D2-moYRMEtxtrKKyveK7wXz3dgsYvrvLJg&sig=Cg0ArKJSzDUM__2q51-cEAE&cid=CAQSOwBpAlJWtbCdJi4mNayv-OSjlxQrkt4pkvOFzCvIhUQpZphmsxmT0BixZy6QDOjgBWthiK8sANo9vU-9GAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692473976611&rpt=442&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26A1 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrcFtTXyRB6yT8SD8soLajr3yjtTskPhZYAA9C-N4Q2tiiPjQzg-jU6hxLdtBwULRpYsCep9z6c933mledyXwwzevBlJ25fFvmi-n2bJV5hjJ-CBtBvSKBfOSO0W2Cl3F5Py9FO6kFv1HZ&sai=AMfl-YSJVxOx-_4rhloeeBDCYvDzZnW8ckkzL10VnDBPwrZJPhttPTjU5hAJXV-JbvCmz_zp-jaOjIqsep8KB-iK3JmUaqqJGsn9tWHijd5Q8wrXdvVnpu1HRbvrrhs&sig=Cg0ArKJSzIQXA3owNdCBEAE&cid=CAQSOwBpAlJWtbCdJi4mNayv-OSjlxQrkt4pkvOFzCvIhUQpZphmsxmT0BixZy6QDOjgBWthiK8sANo9vU-9GAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692473976612&rpt=461&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 19:39:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwUjZYpayACnTI0g2eNfbKmWzC7wZIOlF-VqWwm7yXgwxgV2dNSh247mRJanVZTNlKC6DX4RWhlZpxQfiFQ5ZSHMqqMaKXzNMIDX04mR3gIDNGQ18ifNdDAKb6pUCzn6u3yiug2B8dx2i4a6aQZ1Rr4ZElYtQmeOOTwYZDOAadR0lJIIQHF2EKX7K-t0-BfvqqAHS3peEbW8mt22pmAXrtVLQctOvW9p6JM40BdOUzWjAzxNQ_nCawobHgRXY6Ezjkg4lCI2ZDjh2MngPuq3eyUoF9eTSMmI3OZXQ4Nhsxb7dJi1RYX0aKwv4bATX2pjq7k3pKasRjJRwwwEyBh7rw-5ebN31CZ8NDT-mGoBnGUOXs5xElawc01DCohlRdG7PQHs-U2k69U9NH78dE&sai=AMfl-YSHevw6Bac5liSkg-GTbuIassPIyDt9mnU-wPBE2LR6H6m7bysZchvlGaN3l-ElzZ2iH0pTvhXioPW6iTRSG7m083NDzSivndsY39EUbq9QwZ-UY76Bf-PIc-gN69OAXmjoK9O9euJ3bMtonHQ&sig=Cg0ArKJSzNL3EBkfsIa9EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAyj_UXm-91hgtX5yNJmKn1kSqUf5_zAHSaIlgcyu7AvCIW9c4PJP3w1ECRqZdtX1TrQ8mA1VbpQ97gRpitgjV5gR6KyRjvuhpe-NMi1VURkTRiliqYxwM3NXsEFUHaj6oDbGne19k2oGYM0i8NMaGqKPSWEsov7IwZO18qWEV9fGFXimPkbX7xzVevR3pR49m3huBCpN027Bvcv7pOGjFVu5wrmxPyeUGrDGHpumsncSmyOvnsxecuMVQ4Xg3lRy379kq21pKRXxruWQuEuJSRiqQ1tvjimG7E510g3xaN1iEASuZrHjVHIS2P-Cin4qYvR2y85aVxlHZNWHdhZ2_vTobKW5sBtCLNtG2AL_YuGRgzP2C03-BdeZYBPlza_h2u_Mi7cKqT6LFusFr&sai=AMfl-YQ868tdJtJx67aDh4JfxmFoTAAQd1Mj8XHaYHKBRb-ru2AicGvMqyz9gltvt6r5EC8PZMCDSOhnxjq1H5xGDsOlzYOUpqp0g1wFuQO9udQn4rznfdOCzgGPmhfXwMU5H4Xm4y9Pk_7ojEuaHeI&sig=Cg0ArKJSzGblJHmNjKb1EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 23:43:53	Name: demandSupplyTi Value: 51b3b78a-04e4-4d71-8b54-4b3a64198437
.demand.supply/	1970-01-20 14:07:55	Name: __cf_bm Value: ezOWY5R4BHUVLi5VMTrfvxUOfnQ7VFBctxptP_YOkuU-1692473975-0-AdoVqd3TWleG2rTRrURO3w8dzHLFWkUhFYodJlWUqO93eEjL/QfVktg04b7/DPKKeVXqtbJIG/afDeFSvxPmAuk=
.criteo.com/	1970-01-20 23:29:29	Name: uid Value: e42e05f9-6999-4d03-bf0c-542d81a6ba57
kooora-lives.com/	1970-01-20 22:53:29	Name: HstCfa4750114 Value: 1692473975627
kooora-lives.com/	1970-01-20 22:53:29	Name: HstCla4750114 Value: 1692473975627
kooora-lives.com/	1970-01-20 22:53:29	Name: HstCmu4750114 Value: 1692473975627
kooora-lives.com/	1970-01-20 22:53:29	Name: HstPn4750114 Value: 1
kooora-lives.com/	1970-01-20 22:53:29	Name: HstPt4750114 Value: 1
kooora-lives.com/	1970-01-20 22:53:29	Name: HstCnv4750114 Value: 1
kooora-lives.com/	1970-01-20 22:53:29	Name: HstCns4750114 Value: 1
.kooora-lives.com/	1970-01-20 23:29:29	Name: cto_bundle Value: iZHDWF9sZnZ3NUZaaUs0YVBaa3FNTzE1NHg2VXNiYVRhZWFBOGJlTkNOd1hZTE0lMkZ2Wld6TklGeDRBZlZIVHQzdzllWW5iSWlpYlpIRDMlMkZjUjVNRWkyMTEyM2txTTNtU1FGWjNSUHQxaDZkSGFRNkN2YkUxMmtTZVAlMkZsbVYwbmZLdFlGbmMzRkNPbkZBTEF2MVhCY2prQiUyQmYxZEowQWk0M01odTFPUDZmMEtSeXNPSSUzRA
.kooora-lives.com/	1970-01-20 23:29:29	Name: __gads Value: ID=966c1ba7feebae0d:T=1692473975:RT=1692473975:S=ALNI_MboO5asAOC3pigNZ2r9tIY62dyENA
.kooora-lives.com/	1970-01-20 23:29:29	Name: __gpi Value: UID=00000c6474e593a5:T=1692473975:RT=1692473975:S=ALNI_MY4hhz7LInkw_2qp0GizuH6QIA9Tg
.doubleclick.net/	1970-01-20 23:29:29	Name: IDE Value: AHWqTUmqT-HaZ-6u8vg-Q8oKK0fF-FivmeCBdlvuvgkjM_scyvJYpCSwRscKZM9gCcg
.bing.com/	1970-01-20 23:29:29	Name: MUID Value: 0117897F362060ED133B9A0D37FD6188
.casalemedia.com/	1970-01-20 22:53:29	Name: CMID Value: ZOEaeG6LCgLAoqYZCtxv7QAA
.casalemedia.com/	1970-01-20 16:17:29	Name: CMPS Value: 5253
.casalemedia.com/	1970-01-20 16:17:29	Name: CMPRO Value: 5253
.quantserve.com/	1970-01-20 16:17:29	Name: d Value: EG4BCQHfKYEA
.quantserve.com/	1970-01-20 23:38:08	Name: mc Value: 64e11a78-75d97-dff16-b4ab1
.doubleclick.net/	1970-01-20 14:07:57	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 16:17:29	Name: UserID1 Value: 7269120376265439392
.yahoo.com/	1970-01-20 22:53:51	Name: A3 Value: d=AQABBHga4WQCEH0y9IV9R-obzDK2VMyL4vAFEgEBAQFr4mTqZAAAAAAA_eMAAA&S=AQAAAjodwf-4Kpm0aZeF_e1bmz8
.uuidksinc.net/	1970-01-20 22:53:29	Name: jcsuuid Value: WOlNVqIaJcyEa4UsjbnF
.adform.net/	1970-01-20 14:52:32	Name: C Value: 1
.googleadservices.com/	1970-01-20 16:17:29	Name: ar_debug Value: 1
fksnk.com/	1970-01-20 14:17:58	Name: AWSALBCORS Value: h/ZyJiMMw3N/F+0rIUjveeIhflhqE20IW9+Ta+uPn9Id+lasBcu9wZSgoNIdJgOd7rpYePwY2lzm6aU5hUxcyhabR9PuGVsrSOklwEXjMYOyaANMtbLJLQTjQB3R
.fksnk.com/	1970-01-20 16:17:29	Name: f_001 Value: CC6923C8B1FB5DEF
.fksnk.com/	1970-01-20 14:09:20	Name: g_001 Value: 1
.adform.net/	1970-01-20 15:34:17	Name: uid Value: 8623097597894987148
.id5-sync.com/	1970-01-20 14:07:54	Name: cf Value:
.id5-sync.com/	1970-01-20 14:07:54	Name: cip Value:
.id5-sync.com/	1970-01-20 14:07:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 14:07:54	Name: car Value:
.id5-sync.com/	1970-01-20 14:07:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 14:07:54	Name: callback Value:
.blismedia.com/	1970-01-20 22:53:33	Name: b Value: 64E11A78ABA95DFAFB0A8EB1BLIS
.simpli.fi/	1970-01-20 22:54:56	Name: suid Value: AE5031A85CBD441D9FB66CBCA199EEFA
.w55c.net/	1970-01-20 23:39:34	Name: wfivefivec Value: KBdzIwa71QxrNm5
.mathtag.com/	1970-01-20 14:51:05	Name: mt_mop Value: 4:1692473976
.de17a.com/	1970-01-20 22:46:17	Name: guid Value: 1.8765068940709015168
.w55c.net/	1970-01-20 14:51:05	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 18:27:05	Name: uid Value: 3313330430092479945
.tribalfusion.com/	1970-01-20 16:17:29	Name: ANON_ID Value: ayntuJRwEfES2QVoq6vnSCEDsj9hbvjUECm9adPZbYltbZbZaiq05RcBWWkMnl3Ajy7TkP1p9qZcZaWWEcMAS6324LTb4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9665057421136574&fa=3&ifi=11&uci=a!b&btvi=2&xpc=svyODfeDrj&p=https%3A//kooora-lives.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9665057421136574&fa=4&ifi=12&uci=a!c&btvi=3&xpc=s578A0qx0K&p=https%3A//kooora-lives.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://kooora-lives.com/matches/tottenham-and-manchester-united-on-2023-08-19-in-premier-league-england/ Message: The resource https://live.demand.supply/p4/v17-10-0/a29vb3JhLWxpdmVzLmNvbS8= was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ab5d6814cdca73961382392a93312ac2.safeframe.googlesyndication.com
ad.turn.com
adsdk.microsoft.com
ams3-ib.adnxs.com
analytics.pangle-ads.com
bcp.crwdcntrl.net
c1.adform.net
cdn-ima.33across.com
cdn.adnxs.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
cs.chocolateplatform.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
im.bluevoox.com
invstatic101.creativecdn.com
kooora-lives.com
live.demand.supply
match.360yield.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
s.uuidksinc.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
sync.inmobi.com
sync.mathtag.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.bing.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.102.35.84
108.156.2.55
130.35.192.4
142.250.186.162
15.197.193.217
151.101.65.108
158.69.254.144
159.203.145.121
162.19.138.82
172.64.152.89
178.250.7.13
185.29.134.248
185.80.39.216
185.89.210.122
20.127.253.7
2001:678:cb4:bbbb::11
213.155.156.185
216.58.206.34
2600:9000:237d:8e00:a:e047:753:6381
2606:4700:10::6814:41d
2606:4700:10::6816:3456
2606:4700:3037::6815:3541
2606:4700::6810:5814
2606:4700::6810:8616
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:bdf::45
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:3500:1b::1724:a39e
2a02:fa8:8806:20::2040
2a05:d018:d29:3602:5341:747:cc9:c512
3.122.33.96
31.220.27.155
34.231.66.47
34.96.105.8
34.96.70.87
35.156.56.202
35.204.74.118
37.157.4.29
51.89.9.253
52.45.175.185
54.247.148.218
54.72.84.52
85.114.159.118
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
13c642e94840539568e97ed94e91eed38047f67bc694362f2d43f3f82f4a5b7e
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1bd0c42c4c0cfe3a7e6f9ae1d4a55e6ada238f69b9808e559e5f3e6b3408207f
1f6a475723e4f5f4999aab7e0d91d8d178bc379b873e682e9ad5583b672b1e4a
219b983fad698d972f3e089eb4392d2f024bf6b89e5b5eb14bad6afd00fa6b52
2270eb61dcfa969d306647b435189e762387878b34d09c2cbe596ea4bf457d0a
236ffa5dd2b5ea53b0f376a6cc03092017118417ebf57e2251609115ef011f4d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3af598e09846b5626baacfb888afde9ab3c51baab6348fa5df0260bbf96a101d
3dcbdebeab9f3cf015455c9e2f9aa8b1c9fa280c9add98945314863bb4252ec1
3e7c78f3b9a18bb0f2021bb4cd19b9515810f06a44542f16fb2a4f40a7f7b81f
3e7f7707672da42929bfd992bd807fb3b3971ce966c1c11a927931900e55b494
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3fd72e18c55b4c0b00c1838b47d8f0194b3734d27c4f9e526efb7d58c5e14912
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
423261ba9321ce2431400956e3d91d335a79433e091c38f4dcb7ead7c3797213
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dc1f18ef5fd887b12b7a2866c824a7097b62c6127ee4016f51bad9118bb6a7
46f4e40356732336b98588530a51ced1fa76cc7f9e576aa087208180db4d4354
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ad7bd0d2645b89579a33033852b055c353700775b6d04117e153cecd732e66a
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3192c63948e85bd80e8dcedc5aaf816c14caaa2ebc61f88be1b6abba3226b3
5c2d44038a6c53bd74f3a26e690c1974e1385fffbc6def4c59f91dc1f738f0b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64bef4a0bbce47628d1d17da9a2ef4c58290f50f9c0f99a20f2af730d97de75a
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
6cdbfef28665248e82519f3a8e6f6770702c1e8d19eab4301988395af8e2fc29
6d217af9105d69f82cd5e29239c0caea643aa9af6854a7ed32da9452a9634ec0
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
75878746f86699575801c0577246a773787835cf9075ea5753deed6fcba3bc52
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
78d45e928e15632bca130e47bbb68845fefb0046e419388de43ff87df3378eaa
78dd18679bae06ce284222c334cf8b57d0ef51397afe2c0def8e8cc592e6f432
7e16130187ab63307474378ebb17e4b52f388aa72ff1ae10039f49299fdebe78
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b
891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f
8c63f11c5dc238bc2e0eeb277c6937dce9b7edaebee949155af358dd264488a2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e07f7b09d3fcc9d6fa58c0036595bc7e31cef44fe28633039e8da7777fed1a1
8e96eb9ef662beb2cf75392ac7a99dd0d7e678a5cdc9aa7c97c81e65181804b3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adb52998d44c814bbd1ae182fcafdcd6fe1d28c2059222feb72846b0e0fd55e
9c949b5ff1c9e3a32653ff976d8549d90c149fdce567cc821f65d617fe407aa0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a235a544beaabf0ff3571282894a0ea5d4e7b452f9e954b04fdc960634fd2541
a4f9750d1b5abf19981a64993d9f4486523c8d5f1dd50d8f424216f03fa8c61c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7594ebe696d725c760dff0624e5917d7aa7b38e72d120c939dc07da3a6360ef
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
acfd6872dcf390e8d7ba25794835d8e15fd3b3a9e726d5d9ac7a121cf92b57b3
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3f7a6857947fe0887882801e182840ab7ea792dd7cc467019592cccc53eac20
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7cf929fc3a49c5e85f27023dbf1a17bb404f788c596b43fdc75f6946861716d
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf6d9263f976f528370f48dd981aba46b1dfe41ec61b999ef59025f8fadc38e0
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c315d375d8043731d14eb5937d823451840f4dafa20b6a79e29ed568c18d6579
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d36510ca693d2c867f9ba89a6bbf6187ab5b297c4c777868308a667efbe5d45d
d42bd7af8853d691e58fb2f7467032d143ba84b6585af2cf363800198872dee8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de0a200f1b57caab7157b6bc4277ad9077c29f7b4e9d929f01a55a4afb628ba2
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df45363153f65a586eee11cd8cc5bad2ad47e7827d7dd237415c9884fdc943a9
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e71c480a63c62ff6d79b67c51c569c9e55f68a01160a91ae0efc2206f3106937
e87e6cbfe9bac10b95b9814d64cc0c5adaac98a4fdf55396df774c9a65cccf91
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
edc9ebd1966eca1cd53021980ed445f8847d31a55ed2caf4b1b402dfe36819d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb4762683c1ab088171aeb437ddc224ec616c69ca9d563454f56a09666e12ea
f06720a9d1b634c298d3bdc94f445e04b3c8b5e1453b9d4e4d72fa456bc05fb8
f38565d0f0de8ca571bb76952d499ced5a8a1d2d274f9c8763787e0b994f0524
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

kooora-lives.com Open in urlscan Pro 2606:4700:3037::6815:3541 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

224 Requests

84 %HTTPS

47 %IPv6

46 Domains

59 Subdomains

44 IPs

10 Countries

1972 kBTransfer

5458 kBSize

44 Cookies

26 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kooora-lives.com Open in urlscan Pro
2606:4700:3037::6815:3541 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

84 %
HTTPS

47 %
IPv6

46
Domains

59
Subdomains

44
IPs

10
Countries

1972 kB
Transfer

5458 kB
Size

44
Cookies

224 HTTP transactions
15 data transactions