Submitted URL: https://hesgoal-vip.io/
Effective URL: https://live.hesgoal-vip.io/
Submission: On August 15 via api from US — Scanned from CA

Summary

This website contacted 33 IPs in 5 countries across 38 domains to perform 81 HTTP transactions. The main IP is 104.21.12.12, which belongs to CLOUDFLARENET, US. The main domain is live.hesgoal-vip.io. The Cisco Umbrella rank of the primary domain is 371545.
TLS certificate: Issued by WE1 on July 22nd 2024. Valid for: 3 months.
This is the only time live.hesgoal-vip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 104.21.12.12 13335 (CLOUDFLAR...)
2 45.133.44.53 39572 (ADVANCEDH...)
1 173.0.146.170 7979 (SERVERS-COM)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
4 139.45.197.242 9002 (RETN-AS)
1 2a04:4e42::649 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.224.133.196 14618 (AMAZON-AES)
13 104.21.7.110 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 45.133.44.25 39572 (ADVANCEDH...)
8 192.243.59.13 39572 (ADVANCEDH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:b48:8301::3 39572 (ADVANCEDH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.243.61.227 39572 (ADVANCEDH...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 88.198.204.164 24940 (HETZNER-AS)
3 45.133.44.52 39572 (ADVANCEDH...)
2 157.90.84.242 24940 (HETZNER-AS)
1 139.45.195.8 9002 (RETN-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2a01:4f8:252:... 24940 (HETZNER-AS)
1 167.235.163.216 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
81 33
Apex Domain
Subdomains
Transfer
13 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 334111
176 KB
8 groinopposed.com
groinopposed.com
21 KB
8 hesgoal-vip.io
hesgoal-vip.io — Cisco Umbrella Rank: 350952
live.hesgoal-vip.io — Cisco Umbrella Rank: 371545
656 KB
5 creative-bars1.com
cdn.creative-bars1.com — Cisco Umbrella Rank: 13609
16 KB
4 mbdippex.com
mbdippex.com — Cisco Umbrella Rank: 105857
6 KB
3 metricswpsh.com
metricswpsh.com — Cisco Umbrella Rank: 17454
fp.metricswpsh.com — Cisco Umbrella Rank: 19006
639 B
2 notifypicture.info
notifypicture.info — Cisco Umbrella Rank: 41942
166 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 mbidinp.com
js.mbidinp.com — Cisco Umbrella Rank: 91003
175 KB
2 littlecdn.com
clck.littlecdn.com — Cisco Umbrella Rank: 81188
107 KB
2 eedsiwhussiy.net
eedsiwhussiy.net
64 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
204 KB
2 acscdn.com
acscdn.com — Cisco Umbrella Rank: 35241
62 KB
2 mbidadm.com
js.mbidadm.com — Cisco Umbrella Rank: 73902
39 KB
1 feedfinder23.info
ipp-10130.feedfinder23.info — Cisco Umbrella Rank: 515451
527 B
1 mbddip.com
mbddip.com — Cisco Umbrella Rank: 89009
202 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 5822
549 B
1 mbidpsh.com
js.mbidpsh.com — Cisco Umbrella Rank: 139795
15 KB
1 mbidstorage.com
storage.mbidstorage.com — Cisco Umbrella Rank: 85789
1 crrepo.com
crrepo.com — Cisco Umbrella Rank: 85313
381 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 10738
488 B
1 adexchangegate.com
adexchangegate.com — Cisco Umbrella Rank: 220192
100 B
1 barscreative1.com
cdn.barscreative1.com — Cisco Umbrella Rank: 15499
704 B
1 mbidtg.com
bid.mbidtg.com — Cisco Umbrella Rank: 79048
2 KB
1 pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 22393
435 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 8770
304 B
1 recordedthereby.com
recordedthereby.com — Cisco Umbrella Rank: 8708
28 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
1 oapsoulreen.net
oapsoulreen.net — Cisco Umbrella Rank: 469831
3 KB
1 cegloockoar.com
cegloockoar.com — Cisco Umbrella Rank: 326957
3 KB
1 bountyformseedlings.com
bountyformseedlings.com — Cisco Umbrella Rank: 328419
17 KB
1 injectshrslinkblog.com
injectshrslinkblog.com
5 KB
1 vinelethoner.com
ql.vinelethoner.com — Cisco Umbrella Rank: 298413
32 KB
0 bookmsg.com Failed
static.bookmsg.com Failed
0 google.com Failed
accounts.google.com — Cisco Umbrella Rank: 46 Failed
0 shoot-yalla.tv Failed
live.shoot-yalla.tv Failed
81 38
Domain Requested by
13 web-api.scorarab.com live.hesgoal-vip.io
8 groinopposed.com bountyformseedlings.com
live.hesgoal-vip.io
7 live.hesgoal-vip.io live.hesgoal-vip.io
5 cdn.creative-bars1.com bountyformseedlings.com
4 mbdippex.com js.mbidinp.com
2 notifypicture.info
2 fonts.gstatic.com fonts.googleapis.com
2 fp.metricswpsh.com js.mbidadm.com
2 js.mbidinp.com js.mbidadm.com
js.mbidinp.com
2 clck.littlecdn.com live.hesgoal-vip.io
2 eedsiwhussiy.net oapsoulreen.net
cegloockoar.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com live.hesgoal-vip.io
injectshrslinkblog.com
2 acscdn.com live.hesgoal-vip.io
acscdn.com
2 js.mbidadm.com live.hesgoal-vip.io
js.mbidadm.com
1 ipp-10130.feedfinder23.info 1 redirects
1 mbddip.com js.mbidinp.com
1 my.rtmark.net eedsiwhussiy.net
1 js.mbidpsh.com js.mbidadm.com
1 metricswpsh.com js.mbidadm.com
1 storage.mbidstorage.com js.mbidadm.com
1 crrepo.com
1 fonts.googleapis.com bountyformseedlings.com
1 unseenreport.com
1 adexchangegate.com
1 cdn.barscreative1.com bountyformseedlings.com
1 bid.mbidtg.com js.mbidadm.com
1 pubtrky.com acscdn.com
1 proftrafficcounter.com bountyformseedlings.com
1 recordedthereby.com bountyformseedlings.com
1 code.jquery.com live.hesgoal-vip.io
1 oapsoulreen.net live.hesgoal-vip.io
1 cegloockoar.com live.hesgoal-vip.io
1 bountyformseedlings.com live.hesgoal-vip.io
1 injectshrslinkblog.com live.hesgoal-vip.io
1 ql.vinelethoner.com live.hesgoal-vip.io
1 hesgoal-vip.io 1 redirects
0 static.bookmsg.com Failed
0 accounts.google.com Failed
0 live.shoot-yalla.tv Failed live.hesgoal-vip.io
81 40

This site contains links to these domains.

Domain
eedsiwhussiy.net
t.me
youradexchange.com
Subject | Issuer | Validity | Valid
hesgoal-vip.io | WE1 | 2024-07-22 - 2024-10-20 | 3 months
js.mbidadm.com | R10 | 2024-06-17 - 2024-09-15 | 3 months
ql.vinelethoner.com | R11 | 2024-06-21 - 2024-09-19 | 3 months
injectshrslinkblog.com | WE1 | 2024-08-10 - 2024-11-08 | 3 months
acscdn.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months
bountyformseedlings.com | R11 | 2024-06-17 - 2024-09-15 | 3 months
cegloockoar.com | R11 | 2024-07-20 - 2024-10-18 | 3 months
oapsoulreen.net | R11 | 2024-07-17 - 2024-10-15 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
recordedthereby.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months
proftrafficcounter.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
scorarab.com | WE1 | 2024-07-15 - 2024-10-13 | 3 months
pubtrky.com | WE1 | 2024-07-14 - 2024-10-12 | 3 months
bid.mbidtg.com | R11 | 2024-06-30 - 2024-09-28 | 3 months
groinopposed.com | R10 | 2024-07-04 - 2024-10-02 | 3 months
cdn.barscreative1.com | R10 | 2024-07-08 - 2024-10-06 | 3 months
eedsiwhussiy.net | R11 | 2024-08-14 - 2024-11-12 | 3 months
littlecdn.com | WE1 | 2024-07-07 - 2024-10-05 | 3 months
creative-bars1.com | WE1 | 2024-08-11 - 2024-11-09 | 3 months
adexchangegate.com | WE1 | 2024-08-10 - 2024-11-08 | 3 months
*.unseenreport.com | R11 | 2024-07-20 - 2024-10-18 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
crrepo.com | WE1 | 2024-07-01 - 2024-09-29 | 3 months
mbidstorage.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months
notification.tubecup.net | E5 | 2024-06-19 - 2024-09-17 | 3 months
js.mbidinp.com | R11 | 2024-06-21 - 2024-09-19 | 3 months
js.mbidpsh.com | R10 | 2024-06-17 - 2024-09-15 | 3 months
rtmark.net | R11 | 2024-07-05 - 2024-10-03 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
notifypicture.info | WE1 | 2024-07-26 - 2024-10-24 | 3 months

This page contains 6 frames:

Primary Page: https://live.hesgoal-vip.io/
Frame ID: 2D20858107DDAC055FC69453CB7E5375
Requests: 67 HTTP requests in this frame

Frame: https://eedsiwhussiy.net/5/7596149
Frame ID: E547854DD87EA23DC268858CD6489AAC
Requests: 3 HTTP requests in this frame

Frame: https://eedsiwhussiy.net/5/7596108
Frame ID: 7CDC560D05EE039026CA3B1DDAAAC792
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: D37FB277C56D2D512445B45C07DB60F8
Requests: 6 HTTP requests in this frame

Frame: https://storage.mbidstorage.com/log/count.html
Frame ID: E076FEA8A08F2CE832D3233F1F74486C
Requests: 1 HTTP requests in this frame

Frame: https://notifypicture.info/p/creative-icon/567178.png
Frame ID: 6EE79F6AA8E57A9D2B8A41820302E359
Requests: 3 HTTP requests in this frame

Page Title

Hesgoal TV - Free Live Sports Stream

Page URL History

  1. https://hesgoal-vip.io/ HTTP 301
    https://live.hesgoal-vip.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 81
HTTPS: 94 %
IPv6: 55 %
Domains: 38
Subdomains: 40
IPs: 33
Countries: 5
Transfer: 2250 kB
Size: 3946 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hesgoal-vip.io/ HTTP 301
    https://live.hesgoal-vip.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3oRNJfyQ_x2tUG1ZrcDav2gWMlJijq-lKrwHKiAbLyA6agMXVZSdO_6ppFijW9ENRQULqQ3 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rAHQ0g0wMBk9oms0UW4bSfn6Gxvyf7CYzxTNAgmmFguQF989MHs8P3Yx1ZcyZ6DvMMYaXk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-887494323%3A1723701274247277&ddm=0
Request Chain 80
  • https://ipp-10130.feedfinder23.info/api/in-page/track?id=43-89frh6&event=1&sig=42b5226fb28ee16e53e554eb2aa4ed&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU2NzE3OC5wbmc%3D&time=1723701274&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.06&cpa=9371369b-5d52-4418-9980-a510b1ff0b64&prev_step_diff=1449 HTTP 302
  • https://notifypicture.info/p/creative-icon/567178.png

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
live.hesgoal-vip.io/
Redirect Chain
  • https://hesgoal-vip.io/
  • https://live.hesgoal-vip.io/
54 KB
9 KB
Document
General
Full URL
https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99e55419a548e614090e40764b31fb53ac374313c41eb49c94d76771e83de98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
8b36ee22db2437d0-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Aug 2024 05:54:29 GMT
expires
Thu, 15 Aug 2024 06:09:42 GMT
last-modified
Thu, 15 Aug 2024 06:08:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbM11j68kGyOTRYJ4vunwQXcyYDgqA6CE6BxJekQsCI3OYBK52EKREG36Z34SbtpNVi8ZzzfvQ0GLF%2B0ZYb%2BZaWH%2FaNNuZS1KHnUoGAiRaywluHxLSlJu%2BJ19LGnyCv2aj7iE%2BtL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
8b36ee1f399737d0-YYZ
content-type
text/html
date
Thu, 15 Aug 2024 05:54:28 GMT
expires
Thu, 15 Aug 2024 06:09:41 GMT
location
https://live.hesgoal-vip.io/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLIcmpNQ2gfwjnDJmo%2FFLEHTVE%2Fb5F8StYDsRId6jfIC1X2lf8GyWI2vKsr6utX27i698tW1PznoM4THUODFmjX2RulxqVDRG6dzAofZGK7yBznwEXV5Xm8jZcp6gA4KXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
app.css
live.hesgoal-vip.io/assets/css/
72 KB
14 KB
Stylesheet
General
Full URL
https://live.hesgoal-vip.io/assets/css/app.css?t=1723702122
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251e698350d71b2099fca45f78c5400fa102df568973b193d25e7f79aea7e922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 27 Oct 2022 09:08:24 GMT
server
cloudflare
etag
W/"635a4a88-120a5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnTauOOtWwu9J%2BEUt%2BOHoTDG%2BYGQQLRVSxpuQaFXFtyHH8RCy3SYbbTIXLHovmNOlG%2B3NpzjLGfAeiSnFop1EgypZr%2BRoDoNTSVUc14LOxV86t9g6yqQPBjQ1myvzet%2BFalqJWsS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8b36ee292d7b37d0-YYZ
expires
Sat, 14 Sep 2024 06:08:43 GMT
home.css
live.hesgoal-vip.io/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://live.hesgoal-vip.io/assets/css/home.css?t=1723702122
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeff21a699dabd0291e0f9677c7cdd5e198f2c70abcea9afe1329c4f9e528e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 28 Mar 2022 20:50:35 GMT
server
cloudflare
etag
W/"62421f9b-b86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5cgplIlcWoBaFANKf2AZmCkj5x%2BJTvEd%2FCxe7hun2z1%2BgXP21oZxAL5QvBCDQ9qOGlkeDVABW7YE%2FPmZe1CKii%2BjiEFfyuX52ACGlYe19x0%2F6Tqu%2FaV1LTzkjFGn2cjBN79g%2FbH"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8b36ee292d7d37d0-YYZ
expires
Sat, 14 Sep 2024 06:08:43 GMT
matche.css
live.hesgoal-vip.io/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://live.hesgoal-vip.io/assets/css/matche.css?t=1723702122
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93b2ad3f1c0e8b5a43c517d409b28d015eb3ccd5f11beed827d6ecfbf16cf4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 06 Jun 2022 13:42:39 GMT
server
cloudflare
etag
W/"629e044f-cd3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p6C7mOAh0UeO0WAOnACotqVhdSdTgu85dobvzL9HbvtxjF5dZGZhAiA4TC9%2FCPVzIcapIHysYHcaH3bPRPZc4nt7eeznsWwTS7jt45XDSVZBr5teY2TDlyODcPFssksWMs%2BBWXBk"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8b36ee292d8037d0-YYZ
expires
Sat, 14 Sep 2024 06:08:43 GMT
scripts.js
js.mbidadm.com/static/
2 KB
2 KB
Script
General
Full URL
https://js.mbidadm.com/static/scripts.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf31e107e8cb091c9477fe99de3a57a65486fe87becf0e8f469846949beff9f3

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:31 GMT
last-modified
Fri, 09 Aug 2024 08:25:07 GMT
server
nginx/1.18.0
etag
"66b5d263-6c4"
x-cdn-host-id
ds8138
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
1732
expires
Thu, 15 Aug 2024 05:59:31 GMT
83292
ql.vinelethoner.com/gaGLLSj9CaaVb9Nq/
118 KB
32 KB
Script
General
Full URL
https://ql.vinelethoner.com/gaGLLSj9CaaVb9Nq/83292
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.0.146.170 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
5ff6522cf7fb34db44c1628d1a4ff86fe8006d6a29f5603abf67500ec15f90e1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://live.hesgoal-vip.io
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
script.js
injectshrslinkblog.com/popup/
9 KB
5 KB
Script
General
Full URL
https://injectshrslinkblog.com/popup/script.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:572c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0102c596db22318194870f8988b1dec2bc462954a57ecd545725f6a2965ffb8b

Request headers

Referer
https://live.hesgoal-vip.io/
Origin
https://live.hesgoal-vip.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cdn-cache-control
public, max-age=100
server
cloudflare
etag
W/"223e-zDu1wzN48Tm0S5dNbgBoKRv3zbA"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IZLxTaKogv4MsgJP4IhxpVEGhfXUDvfSKhtpx0TJkWW%2FZO3GhI5JSEd6ZvA9o%2FKgP2TqrvvY1aSxZ%2BcDqPQIZlPkORLjfBRRc%2Bn1sbXLrsHvi0UYnID%2FVPXNuYStieZrJV%2FCA9sUbZuFydzjIM24uvSiwBW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://live.hesgoal-vip.io
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
8b36ee2ac89eabd3-YYZ
aclib.js
acscdn.com/script/
124 KB
40 KB
Script
General
Full URL
https://acscdn.com/script/aclib.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4873719675ebb677d87c57edf12fda7285b02b19b27151061d3b4c6e5216941b

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61
x-guploader-uploadid
AHxI1nN2Kmcb6zIXRdFU9mhLaDn66LOYFlL1C9Vc03J0ntI67hrYjmBGSLswRYbn1JStCMDR6QM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 07:59:05 GMT
server
cloudflare
etag
W/"8a79961b8d2032a86c616f0486df550c"
vary
Accept-Encoding
x-goog-hash
crc32c=c6HJ2w==, md5=inmWG40gMqhsYW8Eht9VDA==
x-goog-generation
1723449545625891
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NitWqyCfJQ8lizoywTkyZV2IC1FrJ9%2BmXZVVQpxcof89VrqaLc8aIHDP%2B%2FudKjiciaXvcqSw2XRSUqY%2FJJEtgFtThe%2B9nWsW2Z9QGzzljhDSu%2FmXZcFF%2FiHX3u%2BP1F%2Fi0AryEPxU%2FcMz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
126653
cf-ray
8b36ee2acc81ac26-YYZ
expires
Thu, 15 Aug 2024 06:53:29 GMT
7cdee121cec3460941807a332080c42f.js
bountyformseedlings.com/7c/de/e1/
44 KB
17 KB
Script
General
Full URL
https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
7339d0b07433a8fb7cd58dde6c704cbdb6af8bd6b676d32ab0369ad78d6f1c39
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2024 05:54:31 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
ac1703235e490456911d230e3e15b832
Expires
Thu, 01 Jan 1970 00:00:01 GMT
btag.min.js
cegloockoar.com/
6 KB
3 KB
Script
General
Full URL
https://cegloockoar.com/btag.min.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7845091bfb4747ce666ec456e25217b52d7c4af200b3bd91f07b6469e0bb7cb1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
e8f5ad92e2db2ab1a8a9b79c124efa6a
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
btag.min.js
oapsoulreen.net/
6 KB
3 KB
Script
General
Full URL
https://oapsoulreen.net/btag.min.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7845091bfb4747ce666ec456e25217b52d7c4af200b3bd91f07b6469e0bb7cb1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
6af2fe2b137071b9e115c5724519fb17
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://live.hesgoal-vip.io/
Origin
https://live.hesgoal-vip.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2819352
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30336
x-served-by
cache-lga21978-LGA, cache-yyz4532-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723701270.170887,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
176476, 14452
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J005H456G7
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f3b24c5dc75f76328ad035e883512db53a670c35a4290154e343382012ed3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Aug 2024 05:54:31 GMT
sfp.js
recordedthereby.com/
83 KB
28 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5b18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
05bdca01b0ff1a9dbde8074aae43617b
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkiaTGzEwGeo5ru%2FyixzeGZIG3R1EhRVHDMGlrGerRUw9amfo6E7whDjFVYn%2FbB0ib7wz20R3ytwGl1Nz6hsr0b4knouABqvzscjzAjJZp8Y65XGHj4LYQsED1kXcBXOJE9AoB1ZqppxuO%2Fb8wWTN4Us"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, private, no-cache
cf-ray
8b36ee31fb4336db-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
40 B
304 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.133.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-133-196.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e836e44077eb4dde1bec5b02081f024bb28342d241a2d9a81966c4a3d395adbb

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://live.hesgoal-vip.io
date
Thu, 15 Aug 2024 05:54:31 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
truncated
/
401 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
din-regular.woff
live.hesgoal-vip.io/assets/webfonts/
63 KB
63 KB
Font
General
Full URL
https://live.hesgoal-vip.io/assets/webfonts/din-regular.woff
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fd8366f85ca9b53a88fba4c1a9a2a043d273e1152b923af231ebcd708fbb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
Origin
https://live.hesgoal-vip.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188802
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sun, 06 Mar 2022 19:55:08 GMT
server
cloudflare
etag
W/"6225119c-fbc4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FnL8HNBHgHa3cQvF00T6KV9VbSjsLPo3hOBxuxyyKMd4GbjhmhEFdA7tZ0iR%2Beau%2FeDghsC%2FD7fJSUjU62RkieGHwAzEwCblLCg6qDUd6eGSYg4p681shJV1UmK%2FK9YySNzTJk9"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8b36ee31d95537d0-YYZ
expires
Thu, 12 Sep 2024 01:41:58 GMT
1558223294.png
web-api.scorarab.com/uploads/team/
6 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1558223294.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21aa49579e8ed712d60f2b10e7888512705cfb0b4bba22f7258a3865d05753d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-1979"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agjcO10nXhkdo4H8LkNzjidW1KOhncSzz%2FccfC%2BGf2U1InGCH6ty6uITugJeRb%2BE8DQkSWhKhZCu89LwyZKu4ksfNSg4H%2BgNuRJc5rLcW9K%2BPpUFSTHD324O%2Fq13FD%2FemBFMpGbCwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee32fc30ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1556300765.png
web-api.scorarab.com/uploads/team/
33 KB
34 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1556300765.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaeacc65b938cbd6ee107da0791c0ffb2afa825cd36efba737ffa121e43d395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-848a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFxqjFIjijw3a3oZ9gwyIot8qlbwI8Cq10OUXG%2Fl7PkdseyP57C5AZDxFeWXbKm0lACbUzqtcF0caVoThaqkVOXmFks%2FvOg7Ny7XgCzE%2BCpHR58afpPfO9APiZIbwpK0ss9QdCt1LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee32fc2aac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
Ajax.png
web-api.scorarab.com/uploads/team/
64 KB
65 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/Ajax.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb18d4a3dc3cf7b96c81faf4b6ec93fef85f16e3769225607dafc5d6aa197a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-10025"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiFZLDTI%2BZHG8bRzjOFyafgH2fgAa5ja2y5FS4MwxCkWiXAMxYJPhAm%2BitVlLDwmWOC0PaLviiDoBnPjsThkRrXTR592bTu93kNw49gvnKJDPaefZz8nJXra5rU0EGUfU5Zeu1XFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee32fc2cac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1628896975.jpg
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1628896975.jpg
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0db8371c27dd0c5bf9fef81122033a8e525c827c39043fe9e0de4c71bab3ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-1b74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39uYP4%2FXQGyM6JlPhPIOzN5z2Ou7d9yQnvwwirtNUdj5jG0Id%2BExIMEPDdlLjGtniZ83Tub9qEU0BZLmGARVHu%2FKJ0bFCQFV1kdmKmFxlbPw8e5WOO9T09lr7%2BAQwh9wFHOLBCrJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee32fc2eac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1690321447.png
web-api.scorarab.com/uploads/team/
8 KB
8 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1690321447.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51127825a06d01e64013865f4471a854ae739d3b113f863fe592c90b4b9698d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 25 Jul 2023 21:44:07 GMT
server
cloudflare
etag
W/"64c04227-1f01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OS0i3JfM39w%2B5tlo3J%2FKtX4ohvINMMKGMWA1LDAFJI%2FP%2BkU1RpzM3v1kZFqsOWYEZhQOsH33DtbhrjBTwnIPaJfWkNkXIdmrzWWoCx1TiZqlFe%2F6Zwcqp%2Bx264vv14r4spfW%2F1ACgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee32fc33ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1582206314.png
web-api.scorarab.com/uploads/team/
8 KB
9 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1582206314.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6e9bcf60efb417042be5f03efc407b39cbc7301553c47252226f122f8d50cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
W/"61b0e620-206a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AEj%2F2A5sZdRjOZgKkL88LpFM4Eck48ZLt8LgJyFl63n43GtGtO6SDzN1Na01JajkGmnoRq0YuS4HMrD6XGiqQty2lvctkkmNdw6c4NTKlFgp4FTsl%2BVaFdzPF2vd3rSgUXPw0Mr7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c6bac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1568929636.png
web-api.scorarab.com/uploads/team/
6 KB
6 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1568929636.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5178889809d60f1cb128a7a0037118504920e7c0bd6638fdc5f97048301e367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30057
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
W/"61b0e620-17bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsOkSLX0XffRy1kEErrFFsghh6QvbVhfdUkLM3XT0ZCEn1Sa%2FMSsNZ7MF9oyMNmLbZ33vbX%2F5Mb6mVYZzVpSfJorokZlrsOxxEZDg%2B383m3Iy9oJ0sIXgN8MddQuvrbdoCpKCNSg6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c6eac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:34 GMT
1663205167.png
web-api.scorarab.com/uploads/team/
8 KB
8 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1663205167.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ac04d13568759f45dabe6f090948f8f0995ef710e87fcf889c66e385694d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30057
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 15 Sep 2022 01:26:07 GMT
server
cloudflare
etag
W/"63227f2f-1f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGr1VnHcxIzqQvUR39NVpptsXZcvqRdGlSxn2JkLQC3JS1m3%2FlLOz0h1aFhfPGirHsSO0LbLlvSDyhMPJznKSktnA4d%2BDll6opYQNAhNEkX55NJVeywGHSYjarfSm8KATV%2F17%2B0A1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c6fac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:34 GMT
1571881050.png
web-api.scorarab.com/uploads/team/
8 KB
9 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1571881050.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c1de7c5272c086d404d33dab935009b0a970f80558ddfa50de1ada4e6f54b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30057
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-2025"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UVu8TMRNLSQ%2BMpPyS4ZMaFL39e69JKrzx3zmbRLE3FR5%2Bb6hnq8thu3DCWfg9QqYWWJCEeTjZYN0MDAf2Cy%2BK8PQa0ImRfD0e16mTE9%2BL6GvXs8aoXheMLPq6hYyS8D5aufNhlYAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c71ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:34 GMT
1662585204.png
web-api.scorarab.com/uploads/team/
6 KB
6 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1662585204.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecb5f7bbbfe4a800647363c4be4e8679cf192a230eb1130ce079df61c8c1a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30057
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 07 Sep 2022 21:13:24 GMT
server
cloudflare
etag
W/"63190974-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4NLscWM6Yyn1R26zfY3%2Fm8U748zj3bQr2IdItU8RQGG4SknTILKIULyqsxRv5rOqrbsxrZX46vH1qtoNz7pVQbWX8NyImeF3yGlyrC%2FIRV9KkPHy9cxKBrMVonz%2BdtiDk%2FofVKsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c72ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:34 GMT
1558221913.png
web-api.scorarab.com/uploads/team/
9 KB
9 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1558221913.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d90c4941c7cbea5451d0688b2297d80478e54e084c4b2db55c43b0f824688d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-225d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VCYoPL50xH0sWRMX25gWwAWg4iP7slRKOFvJx%2FoM0BEA1QlRT9GVd8dV5F9QwUDcwiv6BsxDImXeAc4dgxoiyoDaUjKdOVCrKXGGE6LlyT0kIJp0UIECKM3Lodn1NBrianJorfGCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c73ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1600200657.png
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1600200657.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eaedcd2f342b29a8ce0c22294618f8885aa34d6413d580e56b8fed1d486b60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30058
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
W/"61b0e620-1adc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=be2v3oIvE9W%2FQ7HysbS3ztjk08trWWShdbjYXHyCFAEVdkIX2ADFs%2FbLwcnwg6OE5RsWwKuR81Jc2cm%2BO1bPGErf1Q0EeIta69vPFen8RgbZefMj8VCCv6XMZ%2B1oSlCKhXTYuEoO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
8b36ee337c74ac3f-YYZ
expires
Fri, 13 Sep 2024 21:33:33 GMT
1.png
live.hesgoal-vip.io/uploads/img/post/
565 KB
566 KB
Image
General
Full URL
https://live.hesgoal-vip.io/uploads/img/post/1.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f18028a8c8f9685c4c8b79a102de82aefe1786bc627d1af57db26834903e1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188803
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 13 Dec 2023 11:07:49 GMT
server
cloudflare
etag
W/"65799085-8d3ae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PD6ZJ%2FPw83q1YqKWYVAiW%2B6Rt4nPExK6PC9TMJUKhOUnuOK2ipJZPmbQnXvKhfc1VDG5qEIiXG46KWq7Dx0qfmiPWVUkHhXU130zQiyWalotRK4SmoOU80EJKWlp4gv2Ah0wooWS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8b36ee31d95437d0-YYZ
expires
Thu, 12 Sep 2024 01:41:57 GMT
ut.js
acscdn.com/script/
62 KB
23 KB
Script
General
Full URL
https://acscdn.com/script/ut.js?cb=1723701271333
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647
x-guploader-uploadid
AHxI1nOpddTMfgMbnRBaXXvtFidEge2ooivmVZnN5mu0cyEOsSCPxQppsYDKbNJNMMEsyrtn7T1tDUlFkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Jul 2024 11:41:54 GMT
server
cloudflare
etag
W/"e7bb8a3e002fb7cbc1b3ca32b73e6ac5"
vary
Accept-Encoding
x-goog-hash
crc32c=IaaDjg==, md5=57uKPgAvt8vBs8oytz5qxQ==
x-goog-generation
1721821314858390
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiR3ds2J3CdQHD4TFmA35K6yvNY5vTCD26uFWH24D1mUhWpAQ658vK2JtIfg8JdvrrOEjoONzD23bnrLaRcjmTdeVYZkps9td9jlk2zZy%2BJs00T9SXwNOoRqdJj75OcVtPxtnyTNhI7k"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
63280
cf-ray
8b36ee31f825ac26-YYZ
expires
Thu, 15 Aug 2024 05:58:35 GMT
live.hesgoal-vip.io
web-api.scorarab.com/api/all-matches/en/2024-08-15/
4 KB
1 KB
Fetch
General
Full URL
https://web-api.scorarab.com/api/all-matches/en/2024-08-15/live.hesgoal-vip.io?t=54
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b749400be62abc8659ff82219f03ae56458f30155095722675521e6c9eed4d75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2F0ysirkiBGFe5diOs%2BB0qWnn60LiGNvQVA%2B33PNTClV0aiEwwM%2BozdH5oodNyQPbCyaPzWAYFODCnxmcLbHLcxqzl9m%2BbFT%2FuOo2GHo4VIU3m5XdKqZMlTJQ3Kp%2FZSN%2BcwWjTu2wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
8b36ee33091c37cf-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 15 Aug 2024 05:55:31 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9HDBRPHLGC
Requested by
Host: injectshrslinkblog.com
URL: https://injectshrslinkblog.com/popup/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e3387702f06d418e560eb3d7a64952362ad2fb1202176a28f76dd3323cb22d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104358
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Aug 2024 05:54:31 GMT
telegram.svg
live.shoot-yalla.tv/uploads/img/
0
0

scripts.m.js
js.mbidadm.com/static/
114 KB
37 KB
Script
General
Full URL
https://js.mbidadm.com/static/scripts.m.js
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2522fbf41d5f96d76feecbb4857fe9842aed9e21cab71fa9ad65b49642d51649

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:31 GMT
content-encoding
gzip
last-modified
Fri, 09 Aug 2024 08:25:11 GMT
server
nginx/1.18.0
etag
W/"66b5d267-1c910"
x-cdn-host-id
ds8138
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
expires
Thu, 15 Aug 2024 05:59:31 GMT
hb.php
pubtrky.com/ut/
0
435 B
Ping
General
Full URL
https://pubtrky.com/ut/hb.php?cb=0.911037311283929&v=1
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/ut.js?cb=1723701271333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Thu, 15 Aug 2024 05:54:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9Ahx5o4EXuc4PPbhG8VtBN%2F2MeYAUcm8%2BN9BjpBGNEpSQTNAwBFWeHKZ505CKiiddjhvRtH7Msp7VbWuxCR6CVbIR%2FTyKTrNFKKJRONqfuWEESMWHva118AH1G87jPHuZDcwtyT3lQjZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8b36ee342ffdabbb-YYZ
alt-svc
h3=":443"; ma=86400
215645
bid.mbidtg.com/tags/
2 KB
2 KB
XHR
General
Full URL
https://bid.mbidtg.com/tags/215645?version_name=d&domain=live.hesgoal-vip.io
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
2f942eddda34fadddce6c1ed9dec0e43cb492722465211420ceebddd521d5892

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
server
nginx/1.24.0
x-cdn-host-id
ds8138
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300, public
content-length
1900
x-proxy-cache
EXPIRED
sbar.json
groinopposed.com/
26 KB
17 KB
XHR
General
Full URL
https://groinopposed.com/sbar.json?key=7cdee121cec3460941807a332080c42f&uuid=46330d71-0b41-465a-bc18-44b76d07adc6%3A3%3A1
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
0639985b995883a12a29c48cb25eec147d8ee42146ecce4aeaa6b220563d5c27
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:32 GMT
Custom-Referer
https://live.hesgoal-vip.io
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
2aa010bc731c48d02dbde2e39ee92bfe
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://live.hesgoal-vip.io
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-J005H456G7&gtm=45je48c0h1v9133091940za200&_p=1723701271329&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1057505190.1723701272&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723701271&sct=1&seg=0&dl=https%3A%2F%2Flive.hesgoal-vip.io%2F&dt=Hesgoal%20TV%20-%20Free%20Live%20Sports%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J005H456G7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://live.hesgoal-vip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9HDBRPHLGC&gtm=45je48c0v9192935442za200&_p=1723701271329&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1057505190.1723701272&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723701271&sct=1&seg=0&dl=https%3A%2F%2Flive.hesgoal-vip.io%2F&dt=Hesgoal%20TV%20-%20Free%20Live%20Sports%20Stream&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9HDBRPHLGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://live.hesgoal-vip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/
1 KB
704 B
XHR
General
Full URL
https://cdn.barscreative1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/index.html
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8301::3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
84e00fb01d3af8aa19e2d293bd264eefe73c7731349dafba3a426be55f341f9d

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
gzip
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
nginx/1.21.6
etag
W/"65aa86f3-49a"
x-cdn-host-id
ds7961
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
max-age=3600
expires
Thu, 15 Aug 2024 06:54:32 GMT
ren.gif
groinopposed.com/
7 B
733 B
Image
General
Full URL
https://groinopposed.com/ren.gif?sid=…
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2024 05:54:32 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
be4a66099731e2955668f46d4679020b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
7596149
eedsiwhussiy.net/5/ Frame E547
71 KB
32 KB
Script
General
Full URL
https://eedsiwhussiy.net/5/7596149
Requested by
Host: oapsoulreen.net
URL: https://oapsoulreen.net/btag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7fadd5e978fcf4154de1904b0619add86264ec261653c736b40dedbb9bb43162

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
gzip
x-trace-id
fe226a56d0c1745be14ab40e3378516f
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
2.png
clck.littlecdn.com/web/static/300x250/ Frame E547
11 KB
11 KB
Image
General
Full URL
https://clck.littlecdn.com/web/static/300x250/2.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd76a538f793b17d97c6773a83db4094e59377b0c6d431a8c7bc79c503287352

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53780
alt-svc
h3=":443"; ma=86400
content-length
10778
last-modified
Mon, 17 Jul 2023 11:26:20 GMT
server
cloudflare
etag
"664ef47e5e57a086571a3ab30d1a2366"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fr5yf3ZghjnRd2NrEaG2aUl5DjlTz%2B1qXKYBM1a7%2FxhovIVmnKzbq53Izn4AcoqMlDiU%2BulKXS7%2B247H29%2F2phxZpkxP%2B7Hy2lLdJfCYipvD3QUZROiUE%2BunUDIS36FfdLpuP%2F3zTEMCsQ7Tofprt%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b36ee39484c3a09-YYZ
expires
Thu, 15 Aug 2024 14:58:12 GMT
7596108
eedsiwhussiy.net/5/ Frame 7CDC
71 KB
32 KB
Script
General
Full URL
https://eedsiwhussiy.net/5/7596108
Requested by
Host: cegloockoar.com
URL: https://cegloockoar.com/btag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
26b650a493190c183094756830561b64693fad7736e45d879306c812d19f63fb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
gzip
x-trace-id
3e6def959525b5f41dd681f286476802
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
11.png
clck.littlecdn.com/web/static/728x90/ Frame 7CDC
96 KB
96 KB
Image
General
Full URL
https://clck.littlecdn.com/web/static/728x90/11.png
Requested by
Host: live.hesgoal-vip.io
URL: https://live.hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16cb2c48e0e0f8ac562eb5b85f71be3626842cec840df453d3be543202a21b6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13416
alt-svc
h3=":443"; ma=86400
content-length
97849
last-modified
Tue, 30 Apr 2024 12:16:05 GMT
server
cloudflare
etag
"8ff309019097c1f033c694bf283747d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cFZ51RG340qLYurJxGkc95V2B4%2F0siKne7LVUS%2Fz3dRsRLe596%2BGBJAF1mcq2lw9NPjlksugXN1BbG%2FnXtqIKouv2ze5ekE4TW8F5QOq1Roko5NIgXSRYsTzLE%2BflQif0K7kOAQd3vjQK2udI%2Fg%2BT60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b36ee39484d3a09-YYZ
expires
Fri, 16 Aug 2024 02:10:56 GMT
favicon.ico
live.hesgoal-vip.io/
552 B
569 B
Other
General
Full URL
https://live.hesgoal-vip.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTTeqC6orLDcNIlQMZLgHilGJz0sKWPjqod9dWd3%2B%2FiNeHyxekh8QKKMiqA4dAOKKh19UxG%2F5sh1vnjHZ%2BgS9%2Bct1zdRlvqv2P8JN4RJ%2BUprh0%2Bc8FuaRHpQqV9zDvhdjb%2F8XFLt"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8b36ee3a8ca337d0-YYZ
alt-svc
h3=":443"; ma=86400
animate.css
cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/
77 KB
5 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/animate.css
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44291
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
cloudflare
etag
W/"65aa86f3-13361"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkGcCIz%2B0uqXaR8DElbv72xK3cIGduXvgSAI5JqC30w1f1WG43cFUn%2FzaJJc5tbarIUseDmTU5WK4f0VqFXvhTKploEmAhOrDNMg4NjP4mk98g%2FQwT8amy8xGFEFAp99BGGKIgFWQG0jsnWzbD2aCF5w1Smk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8b36ee3bb814ac6f-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/
5 KB
2 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/css/style.css
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d010e0c3ac60ec1934151dab5fbf9f0df067aea5ffa1e849532581483582d0

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44291
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
cloudflare
etag
W/"65aa86f3-137e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8tb8tEzG5YlPTYdeStM9lc%2FZN%2FBPiCS%2BPmwzt9VLT5sxKnCBb5Sb5j9Y%2FWacRu%2FPXbt0Cx6mR%2BjJ9cFzjcow%2BlfEZfq%2Bl%2F6wnYLf6QrrfdDwB84zrM4M8nud7%2BRHxzSd41UBj48Nsk%2F0ARPTN%2FtPaqVAlnB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8b36ee3bb816ac6f-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/
386 B
733 B
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/js/script.js
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44291
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
cloudflare
etag
W/"65aa86f3-182"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntKMky4onuNf%2BhAuedIJove565YQdM2zu%2FOvvXhSIfJ2td4PLmpbyHaNkwkqUFtWwKYYW1vpRN11Qw5MFT5Ne1ZdLh3JYOB6ySm0iFcoaofsEHBDtKKN4F9biYF4krx1j0kCq1c6cdVADK4Ogk3OAuLti8Rr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8b36ee3bb812ac6f-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbls
groinopposed.com/pixel/
0
469 B
Image
General
Full URL
https://groinopposed.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmsngr_1%2Fsocial-media%2Finstagram%2F1%2Findex.html&l=1178&fd=440.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:32 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
win.php
adexchangegate.com/adx/openrtb/2/
0
100 B
Image
General
Full URL
https://adexchangegate.com/adx/openrtb/2/win.php?stamat=m%7C%2C%2CAhP2IhYroGU3BZ-GH0dEdHP3xP.7a5%2C59KjPr8i5QaJwPKQGOZkVrqgt3c9YnrAHezQgoBxF7XIwWWtaHRUZckY903wuUzT-xiRE9PPYJnvHEJ27IwK2MqbpXJRS6JAQM5zDoOCQW9irbXi9zrQ_0nx02V5Lm656TOv7Ckq2AFW0pBwmzH8aIWyh1Re03zhAbvAHE1vKykgi-e1hWyUnqVmgTeiqbhVgI3A0PRgxgYtYs0sMZpDoUOPEZlX9ydvqLbRyhWJ6N29flAWT8XcIQivQT4lsst-UvsA7vju_XS-LO2lwchFW6CBvreH8OrNBycG3bKSEProETRn9pEWAMY-UmtH19O1jnX57k40JcrcQu8nnRQTu2c3Y4zKM_eMEpzmpoEPsEqJQtcCubRQkVn031eASRYTElPwj744Bms-MiL2rBhsoskZFIKRCOgtwvsvHxkgSe1kPoMs9vtIMI9IHcaFY-zzWcQzJgesuDsxRZkjXRNdbdZRHMDO7hPGP8Xij2MMu8TQEPi0wAppzbr7eBvUrT3A7WB7tzQxK5MgpvnGXMmiz_qbrer5Hz6yx3-ZNBDXie6IawqJEYFoaYi3OMsNRc7t7mNUsq3xWkvG7qRKxIiayAgmYW5FU6-D6XWXWhgTkIK9TJ2SIBp_5G8sD4FC92ehEuSRxCkXWnEIXZaeFScZp3BdUkvalJfxHT443z5wuPguyNWRs5p8quKjOyAdkbgIZEqkE-qo7JRcxY_jD_IeaQ%2C%2C&adx_price=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Aug 2024 05:54:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8b36ee3bddc9ac66-YYZ
pxf.gif
unseenreport.com/
1 B
488 B
Image
General
Full URL
https://unseenreport.com/pxf.gif?uuid=46330d71-0b41-465a-bc18-44b76d07adc6&eb=4795fe8c3ab37b58900c2b2c4806a2e8&te=288e03b52f4b20ef1af349a70a6bcc7f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=7cdee121cec3460941807a332080c42f&bl=en-CA&sr=1200x1600&sz=1200x1600&hjs=22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2024 05:54:33 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
d5af4606f607f4b1ac3856ade326f539
Expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ Frame D37F
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Requested by
Host: bountyformseedlings.com
URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a27edb907b4b9c1580815a6312982c8d6f926acb9143fd7784ffceaca42e9595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Aug 2024 04:39:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Aug 2024 05:54:33 GMT
close.png
cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/ Frame D37F
6 KB
7 KB
Image
General
Full URL
https://cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/close.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39724e1379deb5afe7ea9139a57b6e9ada37d9db28302083b23c941ebf40b8d1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8603213
alt-svc
h3=":443"; ma=86400
content-length
6318
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
cloudflare
etag
"65aa86f3-18ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvY8M%2Brt2DKLH4xw4dcBtBbFVLPET4NjTx3vqYGgDiTua4xcDil%2FGqj%2BhZlTcRpkcFItaLejR%2BI%2FUrh3zH8r4JP5gQogScrUCCBE6kYCK7HtWer8n7NG%2FbGsaOB4idWHv3S9uEMnyVKSkXoWcE%2F8XK6o%2FK63"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8b36ee3c487bac2a-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
number.png
cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/ Frame D37F
1 KB
2 KB
Image
General
Full URL
https://cdn.creative-bars1.com/sb/notifications/rtb/msngr_1/social-media/instagram/1/img/number.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8603103
alt-svc
h3=":443"; ma=86400
content-length
1138
last-modified
Fri, 19 Jan 2024 14:28:03 GMT
server
cloudflare
etag
"65aa86f3-472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FgvQKLI7Nw6Lmg3DgIB7hW69%2FTiB8BmVnEoE6U9d%2FhTiSbOgUVghLY0Q86eUWcRs9do5gbpaThKw5MyH03SFJAUV3bBv8%2Bexlh6CI5GGMwiFSTUUztLzSHQwl4F51%2FLxVvQk1OeSw%2FcwVxrmPOlKHdltGSvm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8b36ee3c487aac2a-YYZ
expires
Thu, 31 Dec 2037 23:55:55 GMT
e682d10340e21eaa3b21f97f3ca4ee47_4265.png
crrepo.com/extban/399934020/creatives/23827980/ Frame D37F
380 KB
381 KB
Image
General
Full URL
https://crrepo.com/extban/399934020/creatives/23827980/e682d10340e21eaa3b21f97f3ca4ee47_4265.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d906948c8d589e3858973c57d20142aca6b76f1e7f5569d14e1804e40898a1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2024 19:47:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666c9e65-5f1a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXvPoTb6UZ%2Bqtl4tatSWrCawc0%2Bwzs6Cdhb205B%2BK8M1X7l%2BRNqFNpbzawn59hI%2FghxKnGJJ0avbQYJ1o%2BSRBH0ONUT%2BoLqjunXSCHWbSyD1Ui6%2BRjpHaF7H%2BySIkHtQzqa8zWAgQRqy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
8b36ee3d5d9d6096-ORD
alt-svc
h3=":443"; ma=86400
count.html
storage.mbidstorage.com/log/ Frame E076
0
0
Document
General
Full URL
https://storage.mbidstorage.com/log/count.html
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://live.hesgoal-vip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b36ee3d4a1fab6f-YYZ
content-encoding
br
content-type
text/html
date
Thu, 15 Aug 2024 05:54:33 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8cIAoeY0LKF4kOOLXfkKi7FQ4i3bGcLEzzqifVqgiG2JfyvgK2ryMNPkqIenN01l76OQFgpBtTyZ2i%2FLrHVKsU5GEf2mUxDiHdFAlu0wj9oDmh3i%2BLNbA%2F%2FQhtcVWDRLckd%2BpSSmOOqPZ2q4PQQmFJp4deBrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
adfa03515d06a6ae0fffb005bcbe2313
track
metricswpsh.com/in/
0
202 B
XHR
General
Full URL
https://metricswpsh.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjU4MzkyNjY4MDM1MDgwMjAwMCIsInRpbWV6b25lIjotNywidmVyIjoiMy4xMjcuMyIsInRhZ19pZCI6MjE1NjQ1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiQW1lcmljYS9WYW5jb3V2ZXIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS4zMSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.198.204.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-204-164.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:33 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
npush.m.js
js.mbidinp.com/npc/sdk/wpu/
181 KB
50 KB
Script
General
Full URL
https://js.mbidinp.com/npc/sdk/wpu/npush.m.js
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b7c405dd3b9111861bc703dc29de3baac07410b2328701cff30f7c20da87809a

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2024 11:23:50 GMT
server
nginx/1.18.0
etag
W/"66bb4246-2d381"
x-cdn-host-id
ds8137
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
expires
Thu, 15 Aug 2024 05:59:33 GMT
push.m.js
js.mbidpsh.com/npc/sdk/
33 KB
15 KB
Script
General
Full URL
https://js.mbidpsh.com/npc/sdk/push.m.js?v=1
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7e37ff193f8ff270be63999a72f18ee2dc05833e5dac26a6e7e925c476ea3296

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2024 12:35:47 GMT
server
nginx/1.18.0
etag
W/"66a78ca3-85f3"
x-cdn-host-id
ds8137
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
expires
Thu, 15 Aug 2024 05:59:33 GMT
fp
fp.metricswpsh.com/
58 B
437 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=215645
Requested by
Host: js.mbidadm.com
URL: https://js.mbidadm.com/static/scripts.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
b3a73cba36a0f02a0727750f5520369d1bbbcfdff9f2f47bf4e0fd35ae5483e6

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 15 Aug 2024 05:54:34 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://live.hesgoal-vip.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
sbls
groinopposed.com/pixel/
0
469 B
Image
General
Full URL
https://groinopposed.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmsngr_1%2Fsocial-media%2Finstagram%2F1%2Fcss%2Fstyle.css&l=4990&fd=220.80000001192093
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:32 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
groinopposed.com/pixel/
0
469 B
Image
General
Full URL
https://groinopposed.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmsngr_1%2Fsocial-media%2Finstagram%2F1%2Fcss%2Fanimate.css&l=78689&fd=223.69999998807907
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:33 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
groinopposed.com/pixel/
0
469 B
Image
General
Full URL
https://groinopposed.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fmsngr_1%2Fsocial-media%2Finstagram%2F1%2Fjs%2Fscript.js&l=386&fd=220
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:33 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=215645
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://live.hesgoal-vip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://live.hesgoal-vip.io
Connection
keep-alive
Date
Thu, 15 Aug 2024 05:54:33 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gid.js
my.rtmark.net/ Frame E547
65 B
549 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=0080b933e4684c0fe504f863d3a8358c
Requested by
Host: eedsiwhussiy.net
URL: https://eedsiwhussiy.net/5/7596149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
437fe0a517820693a41b57a2a7cad115fc479efd5715bee9b098791d00ad3e92
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:33 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://live.hesgoal-vip.io
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
impr.gif
groinopposed.com/
7 B
733 B
Image
General
Full URL
https://groinopposed.com/impr.gif?sid=...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Aug 2024 05:54:33 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
527af4096436e868f07a0cf7bf0206bb
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbs
groinopposed.com/pixel/
0
469 B
Image
General
Full URL
https://groinopposed.com/pixel/sbs?c=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 15 Aug 2024 05:54:33 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame D37F
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live.hesgoal-vip.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 20:46:32 GMT
x-content-type-options
nosniff
age
551281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Aug 2025 20:46:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame D37F
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://live.hesgoal-vip.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 20:46:30 GMT
x-content-type-options
nosniff
age
551283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Aug 2025 20:46:30 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Ab5oB3oRNJfyQ_x2tUG1ZrcDav2gWMlJijq-lKrwHKiAbLyA6agMXVZSdO_6p...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rAHQ0g0wMBk9oms0UW4bSfn6Gxvyf7CYzxTNAgmmFguQF989MHs8P3Yx1ZcyZ6DvMMYaXk&passive=t...
0
0

nmain.m.js
js.mbidinp.com/skins/
529 KB
125 KB
Script
General
Full URL
https://js.mbidinp.com/skins/nmain.m.js
Requested by
Host: js.mbidinp.com
URL: https://js.mbidinp.com/npc/sdk/wpu/npush.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0ebfbcbf3457da6d378a665bc6305a2c7264256ffbdd01be7ccbb91a45710d89

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Aug 2024 05:54:33 GMT
content-encoding
gzip
last-modified
Tue, 13 Aug 2024 11:23:46 GMT
server
nginx/1.18.0
etag
W/"66bb4242-844da"
x-cdn-host-id
ds8137
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
expires
Thu, 15 Aug 2024 05:59:33 GMT
multy
mbdippex.com/in/ Frame
0
0
Preflight
General
Full URL
https://mbdippex.com/in/multy
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://live.hesgoal-vip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Thu, 15 Aug 2024 05:54:34 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
dip
mbddip.com/in/
0
202 B
XHR
General
Full URL
https://mbddip.com/in/dip?site=native-push&wl=0&event_id=373dfc03-c425-43ba-a98c-03142c6ca898&subid=1891527520&sid=3261985548&spot_id=2003567&created_at=2024-08-14&timezone=-7&ver=8.182.1&is_native=1
Requested by
Host: js.mbidinp.com
URL: https://js.mbidinp.com/npc/sdk/wpu/npush.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.163.235.167.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:34 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
multy
mbdippex.com/in/
44 KB
6 KB
XHR
General
Full URL
https://mbdippex.com/in/multy
Requested by
Host: js.mbidinp.com
URL: https://js.mbidinp.com/npc/sdk/wpu/npush.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c3fe751fc2804142a99dc445802eb920afc256f19de879893c454dc47c6a4fad

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:35 GMT
content-encoding
gzip
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
5458
SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/
0
0

SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/
0
0

/
mbdippex.com/in/show/
0
202 B
Image
General
Full URL
https://mbdippex.com/in/show/?tag_ab=d&site_id=312003567&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,tz_offset&ssp=3964&page=https%3A%2F%2Flive.hesgoal-vip.io%2F&refdom=live.hesgoal-vip.io&auction_time=1723701274&subid=1891527520&sid=3261985548&tcid=0&ver=8.182.1&ver_c=&spot_id=2003567&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-14&iabcat=IAB17&keywords=&user_fp=4195996890090051353&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1891527520%26spot_id%3D2003567%26is_adult%3D0%26p%3Dhttps%253A%252F%252Flive.hesgoal-vip.io%252F%26idzone%3D0%26sid%3D1885&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fpodefr2.net%2Fb2%2Fl%2Fc%2Fredir%3Fasid%3D3276291526ZOlGqmfY%26cid%3D1%26did%3DT3htZ1o%26eid%3D11884%26n%3D99f00503405d98298c62d826%26nid%3D1%26sid%3D...%26ssid%3D3276291526ZOlGqmfY%26ts%3D1723701274%26ttl%3D7200%26v%3Dv5.11.22&icons=hToPj2ekdE-rvZwOlFZjTxwyu72egyvuhSEH2nOVOgE1r4nAOv0XbBz4guBMC4DrYGsTnIfaJ_OEUnBeIYy2FJkISmurRF1cb8dp3p6KGLYwVByoXk0FRBpBOFhkaQzYHWhXyXqOehrgNKRdXaFhEt7sUnBMSccyODHb11GTt_ZdSRQWHw&ext_cid=0&px_id=532003567&min_cpm=0.0015652513019929171&out_id=1&campaign_type=lq-pop&aid=61&cid=13353&uniq=&mid=6522902484475029070&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.016380292733575115&cpm=0&verify_hash=36ce487e745b1f3b08319753ea90e2f6&is_native=2&real_bid=0.00025618222812360473&original_bid_usd=0.000262079&original_bid=0.000262079&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2001:4958:1420:151::184&geo=CA&carrier=-&label_ids=27,108,0,83,89,20&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1723787674&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-mainstream&price=0.000262079&hostname=auc-inpage-hz-3-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=America/Vancouver&topics=&historical_keywords=&pop_cpc=0.00000026207900000000005&ext_campaign_id_str=&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.06&cpa=12818a22-ddae-498c-a09b-d19295b66955&prev_step_diff=1449
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:35 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
mbdippex.com/in/show/
0
201 B
Image
General
Full URL
https://mbdippex.com/in/show/?tag_ab=d&site_id=312003567&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,tz_offset&ssp=3964&page=https%3A%2F%2Flive.hesgoal-vip.io%2F&refdom=live.hesgoal-vip.io&auction_time=1723701274&subid=1891527520&sid=3261985548&tcid=0&ver=8.182.1&ver_c=&spot_id=2003567&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-08-14&iabcat=IAB17&keywords=&user_fp=4195996890090051353&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1891527520%26spot_id%3D2003567%26is_adult%3D0%26p%3Dhttps%253A%252F%252Flive.hesgoal-vip.io%252F%26idzone%3D0%26sid%3D1885&is_cpm=1&resp_type=&crid=s567178&crtid=5fb78099ad779428e2e7baecd2305b67&url=http%3A%2F%2Fipp-10130.feedfinder23.info%2Fapi%2Fin-page%2Ftrack%3Fid%3D43-89frh6%26event%3D2%26time%3D1723701274&icons=pIB6N35zLTllR_RAzqGjWiGhtiEfJ9aObK2xVq9N3ZvuCY6ecu95pTUZiUwsoaWpzqFjYC4pYUkHOtnICrkm7EWEjLF8ricarmVbcL8rdKAjk_v09-s448-DJyt9qIuRv2ynrRer9KJaNGfHSUL9Wxopg7AAH9AnAK6-eg8b_-r5qURmMd0wPQHkKa-49keNC-IaiQcIdkLmiXoZZNIG5stjHV0woq0tlGXx9q1rG4-1Lj_8ZzlSasxdPBd9yI_lW6lH-4-a4fwcqif1JtrddVlKSgUMAujsr4uMzcaMwhgaD0EzHaeyj9hrH4tyVPskiR0&ext_cid=312007&px_id=1800348106&min_cpm=9.154386346341993e-05&out_id=0&campaign_type=hq&aid=3705&cid=15381&uniq=&mid=6522902484475029070&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.00016&cpm=0.00016&verify_hash=0ecb687b4ffd4299ad585d17e1f2c1ca&is_native=1&real_bid=0.00016&original_bid_usd=0.00016&original_bid=0.00016&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F127.0.0.0%20Safari%2F537.36&ip_mismatch=2001:4958:1420:151::184&geo=CA&carrier=-&label_ids=83,90,108,0&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fnotifypicture.info%2Fp%2Fcreative-image%2F567178.png&site=native-push-mainstream&price=0&hostname=auc-inpage-hz-3-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=America/Vancouver&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=312007&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&st=0.06&cpa=51893aae-8843-4278-81f2-6203f9f1ccbd&prev_step_diff=1449
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://live.hesgoal-vip.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 05:54:35 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
567178.png
notifypicture.info/p/creative-icon/ Frame 6EE7
Redirect Chain
  • https://ipp-10130.feedfinder23.info/api/in-page/track?id=43-89frh6&event=1&sig=42b5226fb28ee16e53e554eb2aa4ed&u=aHR0cHM6Ly9ub3RpZnlwaWN0dXJlLmluZm8vcC9jcmVhdGl2ZS1pY29uLzU2NzE3OC5wbmc%3D&time=17237...
  • https://notifypicture.info/p/creative-icon/567178.png
67 KB
67 KB
Image
General
Full URL
https://notifypicture.info/p/creative-icon/567178.png
Protocol
H2
Server
2606:4700:3038::6815:eabf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871523b8e5b8e16bfb07a8cbcd27117759db0ea4083fd7d0a904fc37aab236cb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231371
content-disposition
inline; filename="creative-icon-567178.png"
alt-svc
h3=":443"; ma=86400
content-length
68444
pragma
public
last-modified
Sun, 23 Jun 2024 09:24:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRZdr4uODDmGHJzt1dTRGlN7f%2BTAv%2FGywTW28aMyg478nbynIATlsH1lgurNNMRB8Ddhp7CKUF4m%2F3awoW%2F9tsDXucMpuYY07l1CSYlgw3JUcz7sbHEK13mFgwEIlB%2B9k2vsU%2Fi1hqjL%2FzstZunazZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
8b36ee4d0cdf1050-ORD
expires
0

Redirect headers

date
Thu, 15 Aug 2024 05:54:35 GMT
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FlkGEokSH6oyMxEHJwa4h5mfy%2BPgicKkO%2FWdTWw5GeoONfOrwfDpexPFCRy3ssFvtNfBpDJW5mECNRt%2BlVmoo5tEk%2FyObHuKe8X58HiBc9n50WZ1eJFXrP0mLsisMA5trL9mRx7z2AGBSjnYGmrkchmkM4tMeic1eI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
location
https://notifypicture.info/p/creative-icon/567178.png
cf-ray
8b36ee4b9cc5ab9a-YYZ
alt-svc
h3=":443"; ma=86400
567178.png
notifypicture.info/p/creative-image/ Frame 6EE7
98 KB
99 KB
Image
General
Full URL
https://notifypicture.info/p/creative-image/567178.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da34a2c8cc65d23486e73be5954acb4ee504e2bac86ca2a470798ad4f643d0c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 05:54:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194715
content-disposition
inline; filename="creative-image-567178.png"
alt-svc
h3=":443"; ma=86400
content-length
100588
pragma
public
last-modified
Sun, 23 Jun 2024 09:24:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QfDajelGiOK7ciUgN5DMzOeIm8%2FdEFaF6M8uSZaXq91Eqg2DBsRQmNdGHAgh9nywIAMpuvzYxRDQQFv9AHrkxyAZ0S1zCBuGLxvxhP4UHO187hQSRbCQcI6442bH9fmvOLEWVZSUqNzIrdZQFxfYOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=864000
accept-ranges
bytes
cf-ray
8b36ee4cccae1050-ORD
expires
0
truncated
/ Frame 6EE7
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
live.shoot-yalla.tv
URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=Ab5oB3rAHQ0g0wMBk9oms0UW4bSfn6Gxvyf7CYzxTNAgmmFguQF989MHs8P3Yx1ZcyZ6DvMMYaXk&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-887494323%3A1723701274247277&ddm=0
Domain
static.bookmsg.com
URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_l-body&mlf=1&mlc=1&st=0.06&cpa=5c0c9d8c-ce5b-4dc3-a43e-f68b192e9f36&prev_step_diff=1449
Domain
static.bookmsg.com
URL
https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| currentUrl string| mainURL number| p function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib function| _0x4412 function| _0x2609 object| sbslms function| reload_home function| $ function| jQuery string| API_TEAM_URL string| API_LEAGUE_URL number| time string| todayDate string| currentDomain string| API_URL_MATCHES string| API_PRD_URL_MATCHES object| matchTable function| postToNewTab function| go_link function| isMobile function| formatDate function| reverseScore function| addMatchTile function| get_prd_api function| gtag object| dataLayer object| _shareusssp boolean| user_engagement814 function| _0x43e5 function| _0x4625 object| LieDetector string| utsid-send object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| $insertQueue1ab165c233f6$ object| 642fuexiwg6 object| zfgformats object| syncCallbacks function| getRemoteSubscriber function| init object| activesInpages function| __fp-init object| __inpageSkins

20 Cookies

Domain/Path Name / Value
proftrafficcounter.com/ Name: uid_id2
Value: 46330d71-0b41-465a-bc18-44b76d07adc6:3:1
live.hesgoal-vip.io/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 46330d71-0b41-465a-bc18-44b76d07adc6%3A3%3A1
live.hesgoal-vip.io/ Name: sb_main_7cdee121cec3460941807a332080c42f
Value: 1
live.hesgoal-vip.io/ Name: sb_count_7cdee121cec3460941807a332080c42f
Value: 1
ql.vinelethoner.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgUpOil6a3vQAZ2oGuX3WbYUn17VxO9Oj%2F5ck4QBKv8AcIl2UJ0xRqeKvl6GF6oqPC53JcV1XVZoRzqvm4ORYMStmpuHXaaXAybeUJ2rVti2I1kiFXf9lZSCo%2Be%2BmvOxt5MDKJjNDIFMXlCp7Du2N5m4jyC2OBEkBxPbL2KCT8sQ7QvG%2B%2BV8T4sYGXnPMruQLwrc%2F3MdkmQZUkA9xeNbrA8tUr6KEZGSRC%2BwaZHR6PlL1hLms%2FOXgCslu0%2F%2F%2Fsp9M8aJJIW1fto3Yn4G3C9Tjs%3D
ql.vinelethoner.com/ Name: GL_GI10
Value: eJwtykEOgjAQBdCZCakadPEjB%2FAEFYwSt1qXuiCeoJTGkDSFFPT8unD78ohIijWkH7Gp6lqX%2BlCedHU%2Bgl8Qc4G4CGVstJ0FJ0hjIOlHzdu33oEdlo8hzsnbAO6RX30Iu%2F%2BXOGFlbBv8%2Fva8g0dFkHlYZJCpKwj8Udsvu9ob4g%3D%3D
.hesgoal-vip.io/ Name: _ga_J005H456G7
Value: GS1.1.1723701271.1.0.1723701271.0.0.0
.hesgoal-vip.io/ Name: _ga
Value: GA1.1.1057505190.1723701272
.hesgoal-vip.io/ Name: _ga_9HDBRPHLGC
Value: GS1.1.1723701271.1.0.1723701271.0.0.0
groinopposed.com/ Name: u_pl
Value: 23477685
groinopposed.com/ Name: uid_id2
Value: 46330d71-0b41-465a-bc18-44b76d07adc6:3:1
groinopposed.com/ Name: pdhtkv
Value: true
groinopposed.com/ Name: uncs
Value: 1
groinopposed.com/ Name: pdhtkv29
Value: true
groinopposed.com/ Name: uncs29
Value: 1
live.hesgoal-vip.io/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: groinopposed.com
eedsiwhussiy.net/ Name: oaidts
Value: 1723701272
eedsiwhussiy.net/ Name: OAID
Value: 0080b97ab93a42bdec7b0eadd49c0e88
my.rtmark.net/ Name: ID
Value: 0080b933e4684c0fe504f863d3a8358c
fp.metricswpsh.com/ Name: id
Value: 5517760617152602993

2 Console Messages

Source Level URL
Text
network error URL: https://live.shoot-yalla.tv/uploads/img/telegram.svg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://live.hesgoal-vip.io/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
