donnael.com Open in urlscan Pro
52.49.148.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Submission Tags: falconsandbox
Submission: On January 08 via api (January 8th 2024, 5:22:55 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 14 domains to perform 85 HTTP transactions. The main IP is 52.49.148.87, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is donnael.com.
TLS certificate: Issued by R3 on November 15th 2023. Valid for: 3 months.

This is the only time donnael.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	52.49.148.87 52.49.148.87	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.93.81.72 20.93.81.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
8	194.247.12.182 194.247.12.182	200000 (UKRAINE-AS) (UKRAINE-AS)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
85	20

24 52.49.148.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

donnael.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wlwilliamhill.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.93.81.72 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

campaigns.williamhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.247.12.182 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: web113.default-host.net

img.donnael.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	donnael.com donnael.com img.donnael.com	332 KB
16	google.com news.google.com — Cisco Umbrella Rank: 8103 play.google.com — Cisco Umbrella Rank: 95 region1.analytics.google.com — Cisco Umbrella Rank: 2014	94 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	78 KB
8	gstatic.com www.gstatic.com	161 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 o.clarity.ms — Cisco Umbrella Rank: 13024 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 184 ad.doubleclick.net — Cisco Umbrella Rank: 199 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677	30 KB
2	eacdn.com wlwilliamhill.eacdn.com — Cisco Umbrella Rank: 791791	4 KB
2	williamhill.com campaigns.williamhill.com — Cisco Umbrella Rank: 460824	3 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 21991 c.statcounter.com — Cisco Umbrella Rank: 13829	15 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 539	761 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	193 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4002	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	80 KB
85	14

	Domain	Requested by
24	donnael.com	donnael.com
8	www.gstatic.com	news.google.com www.gstatic.com
8	img.donnael.com	donnael.com
8	news.google.com	donnael.com news.google.com www.gstatic.com
7	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	play.google.com	donnael.com www.gstatic.com
3	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
2	c.clarity.ms	1 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	o.clarity.ms	www.clarity.ms
2	wlwilliamhill.eacdn.com	campaigns.williamhill.com
2	campaigns.williamhill.com	donnael.com wlwilliamhill.eacdn.com
2	www.clarity.ms	donnael.com www.clarity.ms
1	c.bing.com	1 redirects
1	www.googletagservices.com	ad.doubleclick.net
1	s0.2mdn.net	ad.doubleclick.net
1	ad.doubleclick.net	wlwilliamhill.eacdn.com
1	www.google.de	donnael.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	c.statcounter.com	www.statcounter.com
1	www.googletagmanager.com	donnael.com
1	www.statcounter.com	donnael.com
85	23

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.google.com
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
t.me
www.gamstop.co.uk
www.begambleaware.org

Subject Issuer	Validity	Valid
donnael.com R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
campaigns.williamhill.com HydrantID Server CA O1	`2023-11-07` - `2024-12-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ia-prod-azurecdn.eacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
img.tvevents.org R3	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Frame ID: 1110E78016C53BEA882FAD185E0DE231
Requests: 49 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/I.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=
Frame ID: 420D2AAC3F7F3A16FC98FE0A33040D9A
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1704734570281&sut=Ab9pFDY8wQEWO7ecl2F%2FNTNIgYGMMqepzkOLUsgF9Qb7AiyVhlceM68X9wdiRJ9ggJuRyFYKwZRqs%2Ff7JE5yoH%2F%2BIN3qhUfg1uyrtOwXWSVrZKA%3D&publicationId=CAowip2fDA
Frame ID: 1A9510E9DD4CFD9C362DE5C3237461CB
Requests: 14 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fdonnael.com%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 37822B8B058D3222DA142A7549D4ACA4
Requests: 11 HTTP requests in this frame

Frame: https://campaigns.williamhill.com/T.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=&t=638403313702880000&MediaID=386&MediaIndex=0&XYZ=120%2610%26148%26%26%26%260%260%26%26
Frame ID: B476233000E92AF4B8CB1642E6F9CD71
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 33E8CA67ADCF93B96FC33CF0F3D00716
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: D2673E1D8F8EA87B7FD9CE5FFCED7CBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparta Warriors vs Stavanger Oilers scores, tips & h2h results

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Basket

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

85
Requests

99 %
HTTPS

62 %
IPv6

14
Domains

23
Subdomains

20
IPs

6
Countries

1084 kB
Transfer

2526 kB
Size

22
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.donnael.twa

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=Sparta%20Amfi%20(Sarpsborg)
Title: Sparta Amfi (Sarpsborg)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/live2sport/?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/Live2Sport_com

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/nazarii-kusyi/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/donnaelcom/

Search URL Search Domain Scan URL

URL: https://t.me/live2sport

Search URL Search Domain Scan URL

URL: https://www.gamstop.co.uk/

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&RedC=c.clarity.ms&MXFR=0C6928E9FB116C4F354A3CE9FF116280 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&MUID=216054423E0560F31D6840423F8E6161

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/ 15 KB
6 KB 364ms
266ms Document
text/html 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

6158b4723a0c309007799226d5be7ec179c8c5e20228b344180eb71fbe96715a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5279
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Jan 2024 17:22:49 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 swg-basic.js Show response
news.google.com/swg/js/v1/ 249 KB
72 KB 93ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-basic.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b8d317dbb1c4a558356b812d18a65a83da56d511b245fb3bf7862f214972bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73420
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 17:45:26 GMT

GET
H/1.1 200
OK jquery.min.js Show response
donnael.com/layout/scripts/ 84 KB
30 KB 96ms
94ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/scripts/jquery.min.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:53 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "14e59-5f268b785992e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29892

GET
H/1.1 200
OK jquery-ui.min.js Show response
donnael.com/layout/scripts/ 248 KB
67 KB 192ms
105ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/scripts/jquery-ui.min.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

2c4b6ade9aa4548b635ce4babd1f1fd206ca7225a61bb105ad93de3b6834d6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:52 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "3dee4-5f268b7828bed-gzip"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK eventlist2.js Show response
donnael.com/main-page-posts/js/ 128 KB
22 KB 188ms
98ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/main-page-posts/js/eventlist2.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

14fc3cd4e91a066734186c7fdfd8f8365371e89576caa8cf1b4c8283ea4381b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Jan 2024 15:13:42 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "1ff44-60e70a4aa1580-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22026

GET
H/1.1 200
OK jquery.mobilemenu.js Show response
donnael.com/layout/scripts/ 799 B
791 B 145ms
48ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/scripts/jquery.mobilemenu.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

88192749e57dd3f87196fdc680f3f826fa7f967ffae4dfc8fe0f6718dab1531c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Dec 2023 18:42:15 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "31f-60c180f420fc0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286

GET
H/1.1 200
OK jquery.placeholder.min.js Show response
donnael.com/layout/scripts/ 3 KB
2 KB 142ms
45ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/scripts/jquery.placeholder.min.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

a880fda88ec3f82476ad854651df1ce32bad3f75f780d8cbb6b312e5c8e27cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:53 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "a97-5f268b788a66e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1149

GET
H/1.1 200
OK dateFormat.js Show response
donnael.com/main-page-posts/js/ 4 KB
2 KB 173ms
42ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/main-page-posts/js/dateFormat.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e865915d8528d6d2be8ce6c2afbfe14bcf2e14077ff0c8ec394724eed0914b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:56 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "f2c-5f268b7b728b6-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1804

GET
H/1.1 200
OK jquery.backtotop.js Show response
donnael.com/layout/scripts/ 329 B
696 B 174ms
43ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/scripts/jquery.backtotop.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

4b34b1bbcc15dfdb80741dada8e243ec4d21a4dd3588d189e73927ec4182440a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Dec 2023 18:42:12 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "149-60c180f144900-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191

GET
H/1.1 200
OK layout.css
donnael.com/layout/styles/ 23 KB
5 KB 128ms
45ms Stylesheet
text/css 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/styles/layout.css

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

7809f038ce7734054ce121dc414cac781a1217ee6b58f9c8eb5f10fc16ba0c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sun, 07 Jan 2024 15:04:58 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "5c42-60e5c67971a80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4883

GET
H/1.1 200
OK jquery-ui.min.css
donnael.com/css/ 30 KB
8 KB 129ms
44ms Stylesheet
text/css 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/css/jquery-ui.min.css

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

0948e45357a36f6a9cb173ffa0d40de7f2442399f7a6c8c9dbec1c138543370f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 21:59:43 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "781b-5f268b3636dd5-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7604

GET
H/1.1 200
OK fontawesome-webfont.woff2
donnael.com/layout/styles/fonts/ 65 KB
65 KB 262ms
87ms Font
font/woff2 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/styles/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Origin: https://donnael.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:54 GMT
Server: nginx/1.18.0
ETag: "10440-5f268b7947db0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66624

GET
H/1.1 200
OK index.js Show response
donnael.com/ 275 B
678 B 46ms
45ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/index.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

9da96df665bfd5a5f47360b9e611f9b1e748bcb40f40aef989847f994e5cb218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:01:05 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "113-5f268b83f254e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 173

GET
H2 200 en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 5 KB
5 KB 80ms
29ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 06:08:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to: {"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type: image/png
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4904
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/play_google"
expires: Mon, 08 Jan 2024 17:22:49 GMT

GET
H/1.1 200
OK ajax_script.js Show response
donnael.com/main-page-posts/ 1 KB
1 KB 44ms
43ms Script
application/javascript 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/main-page-posts/ajax_script.js

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

d43d34bd072fefe8cc28ac399acb9b60beb8cb79a1e34955f239c2ab2b40c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 30 Dec 2023 17:10:53 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "549-60dbd3b2c4140-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 551

GET
H/1.1 200
OK telegram.png
donnael.com/images/ 8 KB
9 KB 46ms
45ms Image
image/png 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/telegram.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

d294e9f135178625096e835a473b8b028c8b6a13cd21d89f9a96cf68ea80b7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 16 Aug 2023 14:05:03 GMT
Server: nginx/1.18.0
ETag: "2140-6030ac829c1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8512

GET
H/1.1 200
OK play-responsible-18.png
donnael.com/images/ 2 KB
3 KB 52ms
51ms Image
image/png 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/play-responsible-18.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

d3f912a825544184b6573c674a050d6e93231d6fb521ba4f5f4db4f3ad07fcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:42 GMT
Server: nginx/1.18.0
ETag: "944-5f268b6e63c32"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2372

GET
H/1.1 200
OK gamstop.png
donnael.com/images/ 5 KB
5 KB 51ms
50ms Image
image/png 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/gamstop.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

4f32cc1faca9487d039fd2a4ffe0a4def1c65017d69ba1eb11b72aa5d8c33eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:47 GMT
Server: nginx/1.18.0
ETag: "135e-5f268b729ec5e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4958

GET
H/1.1 200
OK begambleawareorg_black_png-300x39.png
donnael.com/images/ 5 KB
6 KB 43ms
43ms Image
image/png 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/begambleawareorg_black_png-300x39.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

40dd8d5ca80f5a3e068465e99fd98c0303e8b237293ecae7910ed1b4f4172ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:47 GMT
Server: nginx/1.18.0
ETag: "14ff-5f268b72b635e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5375

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 41 KB
15 KB 108ms
54ms Script
application/javascript 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 10:17:13 GMT
server: cloudflare
age: 3079
etag: W/"659bcba9-a313"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 84261ff6ffb92c62-FRA
expires: Tue, 09 Jan 2024 04:31:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-67J3FCCWQR

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

837cd33ab9189c174210a69a54282df86faffe2c6c42bb36fbeed32ba0c2e8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 17:22:50 GMT

GET
H/1.1 200
OK fontawesome-4.5.0.min.css
donnael.com/layout/styles/ 27 KB
6 KB 59ms
47ms Stylesheet
text/css 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/styles/fontawesome-4.5.0.min.css

Requested by

Host: donnael.com
URL: https://donnael.com/layout/styles/layout.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

4e41e944029d1409dc9a9a01d356e2cdaeeed33d44fad3b06a7a74a138ae9edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/layout/styles/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Dec 2023 18:31:04 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "6aa7-60c17e7436a00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6153

GET
H/1.1 200
OK framework.css
donnael.com/layout/styles/ 7 KB
2 KB 63ms
48ms Stylesheet
text/css 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/layout/styles/framework.css

Requested by

Host: donnael.com
URL: https://donnael.com/layout/styles/layout.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

f077b38fb83002ec1e1a36bb2c5a37dac063dc8b7b058f863389b7c1187e0733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/layout/styles/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Dec 2023 18:28:58 GMT
Server: nginx/1.18.0
Content-Encoding: gzip
ETag: "1a11-60c17dfc0ce80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880

GET
H2 200 9s9mq1dz9o Show response
www.clarity.ms/tag/ 1018 B
1 KB 194ms
119ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9s9mq1dz9o
Requested by: Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: caa3fccdd9ca7cb42f1316e5df673eec4c5552e9ff1254862ceb4e79d87e24d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Mon, 08 Jan 2024 17:22:50 GMT
x-azure-ref: 20240108T172250Z-7cq1qu2zpx5bpe4wgnugyyfuqg00000000f000000000wfpz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK schedule.php Show response
donnael.com/ 2 KB
1 KB 270ms
259ms XHR
text/html 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/schedule.php?date=2023-12-30%2007:00:00&one_link_team_to_team=1&site_url=donnael.com&dating=0&sport=3&league=&event_id=2918842&team_for_list=&empty_league=0&channel=&callback=jQuery22007984558958019023_1704734570017&method=GET&gzip=true&_=1704734570018

Requested by

Host: donnael.com
URL: https://donnael.com/layout/scripts/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

10ad2eb28481eaee61455d905f74265f2160495459d47b7c0cb39263d42a30fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 858

GET
H/1.1 200
OK I.ashx Show response
campaigns.williamhill.com/ Frame 420D 1 KB
2 KB 176ms
61ms Document
text/html 20.93.81.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/I.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6b0e3324e429daca69f10b20ca426ca3d8988004230bff195b5e4e55f1792df7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donnael.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 1367
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Jan 2024 17:22:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 20ms
20ms Other
image/svg+xml 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 18:03:01 GMT

GET
H2 200 swg-mini-prompt.css
news.google.com/swg/js/v1/ 3 KB
947 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-mini-prompt.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 855
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 17:44:01 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
5 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 17:54:55 GMT

GET
H2 200 article Show response
news.google.com/swg/_/api/v1/publication/CAowip2fDA/ 1002 B
1 KB 237ms
236ms Fetch
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/CAowip2fDA/article

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e07be80e60bedb545dbff5206e147243fcd63a485c33ab367f679d61e1d36846

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://donnael.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donnael.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
464 B 156ms
155ms XHR
application/json 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=7414147&u1=E4E4BC04A5214F09840BD88E1A91E2C1&java=1&security=abe9206e&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/&t=Sparta%20Warriors%20vs%20Stavanger%20Oilers%20scores%2C%20tips%20%26%20h2h%20results&invisible=1&sc_rum_e_s=687&sc_rum_e_e=700&sc_rum_f_s=0&sc_rum_f_e=684&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://donnael.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 84261ff768332c62-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 75ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-67J3FCCWQR&gtm=45je4130v9119058872&_p=1704734570032&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=652491964.1704734570&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704734570&sct=1&seg=0&dl=https%3A%2F%2Fdonnael.com%2FHockey.php%2FSparta-Warriors%2FStavanger-Oilers%2F179935%2F&dt=Sparta%20Warriors%20vs%20Stavanger%20Oilers%20scores%2C%20tips%20%26%20h2h%20results&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=725
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67J3FCCWQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donnael.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 80ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-67J3FCCWQR&cid=652491964.1704734570&gtm=45je4130v9119058872&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-67J3FCCWQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donnael.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 95ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-67J3FCCWQR&cid=652491964.1704734570&gtm=45je4130v9119058872&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1723235623

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s.5.6.min.js Show response
wlwilliamhill.eacdn.com/TrafficOpt/ Frame 420D 7 KB
3 KB 69ms
24ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
etag: W/"56fbf9ff-1a7b"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
x-azure-ref: 20240108T172250Z-py7yvqsd6106besa8qrgxxwkh400000000c000000000pt6q
cache-control: max-age=0, no-cache

GET
H2 200 Ad_328.js Show response
wlwilliamhill.eacdn.com/wlwilliamhill/img/js/ Frame 420D 1 KB
1 KB 68ms
23ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wlwilliamhill.eacdn.com/wlwilliamhill/img/js/Ad_328.js?t=2024010817
Requested by: Host: campaigns.williamhill.com
URL: https://campaigns.williamhill.com/I.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d35061382f7fe798bfdc81dd5837f6ebe1896bdb5c1cb1edbf960911821bcdd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://campaigns.williamhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
last-modified: Mon, 20 Nov 2023 08:35:33 GMT
etag: W/"655b1a55-58a"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
x-azure-ref: 20240108T172250Z-py7yvqsd6106besa8qrgxxwkh400000000c000000000pt6r
cache-control: max-age=0, no-cache

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 43ms
43ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9s9mq1dz9o
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
last-modified: Wed, 03 Jan 2024 15:51:12 GMT
etag: W/"0x8DC0C73CFCC02AC"
vary: Accept-Encoding
x-azure-ref: 20240108T172250Z-7cq1qu2zpx5bpe4wgnugyyfuqg00000000f000000000wfq7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8a35a586-e01e-0013-28fb-410ad7000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 1A95 17 KB
7 KB 78ms
78ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=1704734570281&sut=Ab9pFDY8wQEWO7ecl2F%2FNTNIgYGMMqepzkOLUsgF9Qb7AiyVhlceM68X9wdiRJ9ggJuRyFYKwZRqs%2Ff7JE5yoH%2F%2BIN3qhUfg1uyrtOwXWSVrZKA%3D&publicationId=CAowip2fDA

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ec8f2a3466f26fda9fee8e4a7521de11113b36faedee8d6a337ec0afcfca0fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OCY03ZbzVc42GSF5egIwCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donnael.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OCY03ZbzVc42GSF5egIwCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Mon, 08 Jan 2024 17:22:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 C.ashx Show response
ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/ Frame 3782 65 KB
30 KB 134ms
58ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fdonnael.com%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

1891877d38db13f2058d9b178ef8190b0aeebafbdbd9ad102ab964f88ecc6f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campaigns.williamhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 30047
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:22:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK T.ashx Show response
campaigns.williamhill.com/ Frame B476 0
765 B 73ms
72ms Document
text/plain 20.93.81.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://campaigns.williamhill.com/T.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=&t=638403313702880000&MediaID=386&MediaIndex=0&XYZ=120%2610%26148%26%26%26%260%260%26%26

Requested by

Host: wlwilliamhill.eacdn.com
URL: https://wlwilliamhill.eacdn.com/TrafficOpt/s.5.6.min.js?t=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.93.81.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://campaigns.williamhill.com/I.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 08 Jan 2024 17:22:50 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H/1.1 200
OK ajax.php Show response
donnael.com/main-page-posts/ 30 KB
4 KB 535ms
535ms XHR
text/html 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donnael.com/main-page-posts/ajax.php

Requested by

Host: donnael.com
URL: https://donnael.com/layout/scripts/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

de4a8c341c29b7696b8c6b85f3d249550518881dafd0b332d907b0d95e0018c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 4145

GET
H/1.1 200
OK norway.png
donnael.com/images/flags/ 611 B
1 KB 45ms
45ms Image
image/png 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/flags/norway.png

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 22:00:07 GMT
Server: nginx/1.18.0
ETag: "263-5f268b4ce67f4"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 611

GET
H2 200 Hockey_Norway_Sparta_Warriors.png
img.donnael.com/image/ 18 KB
18 KB 344ms
100ms Image
image/png 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/Hockey_Norway_Sparta_Warriors.png
Requested by: Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ae28dc9daf469163b65245d2cf73d8984dd925091b0a6c0b6458b45ce40f9a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Tue, 11 Aug 2015 14:33:49 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "4863-51d09fd9499af"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18531
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 Hockey_Norway_Stavanger_Oilers.png
img.donnael.com/image/ 13 KB
13 KB 345ms
101ms Image
image/png 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/Hockey_Norway_Stavanger_Oilers.png
Requested by: Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1d1a67504ef7581180b4baa4324d7c888d11c5ffa8cf1f289d0b820e672d9977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Tue, 11 Aug 2015 14:33:49 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "3517-51d09fd9005cf"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 13591
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H/1.1 200
OK tenor.gif
donnael.com/images/ 9 KB
10 KB 44ms
44ms Image
image/gif 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/tenor.gif

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

8c2eb6a48bdaf70d84b6856aafc35a9cfa880ec5486b70d55ced577327a60fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Oct 2017 15:55:38 GMT
Server: nginx/1.18.0
ETag: "24d3-55b5b92499280"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9427

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 1A95 0
25 B 75ms
75ms Other
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: donnael.com
URL: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-pog7slywq8Q6I8jp8UmAmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=1704734570281&sut=Ab9pFDY8wQEWO7ecl2F%2FNTNIgYGMMqepzkOLUsgF9Qb7AiyVhlceM68X9wdiRJ9ggJuRyFYKwZRqs%2Ff7JE5yoH%2F%2BIN3qhUfg1uyrtOwXWSVrZKA%3D&publicationId=CAowip2fDA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-pog7slywq8Q6I8jp8UmAmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/ed=1/rs=ABXTjI4oVLu2K_TnemnhZ31Wjpr9lwQ58A/ Frame 1A95 745 B
1 KB 68ms
21ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/ed=1/rs=ABXTjI4oVLu2K_TnemnhZ31Wjpr9lwQ58A/m=serviceiframeview,_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1704734570281&sut=Ab9pFDY8wQEWO7ecl2F%2FNTNIgYGMMqepzkOLUsgF9Qb7AiyVhlceM68X9wdiRJ9ggJuRyFYKwZRqs%2Ff7JE5yoH%2F%2BIN3qhUfg1uyrtOwXWSVrZKA%3D&publicationId=CAowip2fDA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 18:40:45 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/am=gEEy/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTj... Frame 1A95 198 KB
70 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/am=gEEy/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI7d4drH3EWHZAh7cFE-k3z1ZLrIhg/m=_b,_tp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5089c937da3e67adac3cf3db2568b9f19520ebb1761bf3661269665ffc7a7b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71487
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 18:01:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 09:07:43 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 790ms
336ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://donnael.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://donnael.com
Date: Mon, 08 Jan 2024 17:22:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 2013865845907017244
s0.2mdn.net/simgad/ Frame 3782 193 KB
193 KB 67ms
21ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2013865845907017244

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N189204.277573INCOMEACCESS/B23701631.265235729;sz=160x600;kw=[url_encoded_publisher_data];click=https://campaigns.williamhill.com/C.ashx?btag=a_1272b_328c_&affid=1564776&siteid=1272&adid=328&c=&MediaID=386&IsAd=1&IAref=https%3A%2F%2Fdonnael.com%2F&asclurl=;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ef78664b248487c0ef262cab2e051c35305af75f2c9bef4fa63f7e0995f9461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 09:40:12 GMT
date: Mon, 08 Jan 2024 09:40:12 GMT
x-content-type-options: nosniff
age: 27758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197290
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:39:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/xfa/ Frame 3782 11 KB
4 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bd02027a83e7d07ff234f64d1e9e2bfd8fc70159cdc112d32602649b2d2ee05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4295
x-xss-protection: 0
server: cafe
etag: 1646794555727767260
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 15:21:46 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 3782 11 KB
5 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:45:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3782 204 KB
65 KB 82ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 17:22:50 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3782 0
0 113ms
60ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPkB_7Wuqp3SC8uGGjZ-Xw0xzTc26XyLTRPdlAw5CK-_YbGgjPX5JbaK6Re5eJ_ME9-2oQy2qdCYYUxxNZsjxvOm-wq-fjuwJ2KH0Vh2PUxv9W8zfgSyHkfvtKJfojxpgerEq0CtCjqaRT3E0ZLrrjZhmjehYF8gzN&sai=AMfl-YR9QUdPEjNJpSHMoJyZmWMPHNY7h8-qHcE11BRk4Xj1xTu2nfxesTKif6ykFHjrxoANGvaACDMw6E7N5yw&sig=Cg0ArKJSzDoSXCy-yNeQEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240103.03273&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 17:22:50 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3782 41 KB
14 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H2 200 m=W93Wdc Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 130 KB
44 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/am=gEEy/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI7d4drH3EWHZAh7cFE-k3z1ZLrIhg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefe195dcc9d247fd9d922f6d82e655616dfc44c0e55bfbae670f4d1e9c37383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44795
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 4 KB
2 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daa6cec5b5f0aabe5c253f67d0231ae145ede1b00d41c1cb3495c3a85384bfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1821
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3782 8 KB
6 KB 103ms
63ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67c8df5675bcf4511704d07628cf16cfe73813a35f6309bf96085105b7d87347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6000
x-xss-protection: 0

GET
H2 200 m=LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 236 B
224 B 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

GET
H2 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 1 KB
860 B 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a0c4e734a2ac9119622c69f9b2472c58d2aa10bff1eb488bd5171fa470e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

GET
H2 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 19 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c9d05d33d85643fe4f99429796587fa62189731cfd4e094f63d4f115191148f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6488
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 1A95 157 B
191 B 94ms
93ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=1740278833306415544&bl=boq_subscribewithgoogleclientserver_20240103.05_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=66171&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

138b72395cab8ac91fc057234d66e1bb7d47a2610cff0a9a87317f1290574c7f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 33E8 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 545852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3782 0
0 60ms
59ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPkB_7Wuqp3SC8uGGjZ-Xw0xzTc26XyLTRPdlAw5CK-_YbGgjPX5JbaK6Re5eJ_ME9-2oQy2qdCYYUxxNZsjxvOm-wq-fjuwJ2KH0Vh2PUxv9W8zfgSyHkfvtKJfojxpgerEq0CtCjqaRT3E0ZLrrjZhmjehYF8gzN&sai=AMfl-YR9QUdPEjNJpSHMoJyZmWMPHNY7h8-qHcE11BRk4Xj1xTu2nfxesTKif6ykFHjrxoANGvaACDMw6E7N5yw&sig=Cg0ArKJSzDoSXCy-yNeQEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=145&vt=11&dtpt=144&dett=2&cstd=0&cisv=r20240103.03273&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1... Frame 1A95 109 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.JtVuo8_pQVI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.90_T0yP2Xdc.L.B1.O/am=gEEy/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4gC1Iv6OGRzluGjQPNItxy2tu4og/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7eafadb82f284e91db870a49431c08af54cd90672e8f6146dbafff61837426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37245
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 04:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 23:13:18 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 33E8 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 16:55:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3782 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 17:22:50 GMT

POST
H2 200 log Show response
play.google.com/ Frame 1A95 131 B
273 B 33ms
33ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 17:22:50 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 69ms
27ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 08 Jan 2024 17:22:50 GMT
expires: Mon, 08 Jan 2024 17:22:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1A95 131 B
273 B 32ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 17:22:50 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 69ms
27ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 08 Jan 2024 17:22:50 GMT
expires: Mon, 08 Jan 2024 17:22:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 67ms
26ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 08 Jan 2024 17:22:50 GMT
expires: Mon, 08 Jan 2024 17:22:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1A95 131 B
487 B 32ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 17:22:50 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&RedC=c.clarity.ms&MXFR=0C6928E9FB116C4F354A3CE9FF116280
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&MUID=216054423E0560F31D6840423F8E6161

42 B
440 B

54ms
54ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&MUID=216054423E0560F31D6840423F8E6161
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D345E7FFE2C64000825AD2BD7EE5C745 Ref B: FRA31EDGE0619 Ref C: 2024-01-08T17:22:50Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=362D836C139F4CDCB14EE9B87D14ED26&MUID=216054423E0560F31D6840423F8E6161
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D267 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 16:55:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33E8 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlhLJai-cZZe0F6Sl9u8P_e-swAcAAAAAOAHgBAI&bg=!o6CloO_NAAY3kmNgF5I7ADQBe5WfOEaw7HKQAZABtd1RcxnndpQfhz8djiinZN81TCbEw3WF5gSBT6uIr5vWNihtGe_SAgAAADRSAAAAAmgBBwoAKWlYYHi69UBrCtzHxtRl3DNkYyQ2Ysz3WNtBK2C1hqOydL3lP-uILKC9mQMChAB6uEMOP8DyMLVVaPMv6NS-Y20fhoQ3eVgEyjSVn7L1FH8X1wKZo-E1XIdjRt4T-yyVMpGEAx8thxG7zODjkj6M4D-8c1nzq8Zf2Air0VB30v_r5bGgRH1yjtK0lwIYgvkDLYRa-igcSdm9wRFhUJN9aJF2lSd9jiHrufDaCA7h1Rsz3nfDh8R90aKkedkf5o232wRPg1atphwlepSJXI1HOAWFKYT3vxqCOCUnMW75-f8xcKrQHuKyXDsjaX8hRZTfpAGzWdaMkTw24iXio5GjWJ7oggDYcG37FLL0SqBOb_Rgo8xcgVDJBrKwiCTlgSNTBzG4kqW0O8cRMQ5u6M1XIJ55H40XeIPElCia9_w546pvUWPD8dQTvC9u-BKeFkj0h_71AwywuP0ne59r08qpqjym-Q-7uxmAZPKZg9Qlx1QaiSfzxwshbo8KGn1QS2kGHvApFZBnIgNGDBQ4qDvOz97dYaP2nZgxHXuyHnkJ5rN2BNd-qCrVultyBBNL5IHlBbC9PhtlepQ8L1eiGrZK3FldprQk3PAHgkbaugVqDhVe30bIL9PMKSDTwWCiZS-dbVWwsK-0I7ENaVY-pNGY1I4ecGxVEyatkRdbSnfGTWWAxS6bXrYV_5POLIn_YDeDgdzH_Uv7ym9-n34CQ2ZNrlrhleM-TTkU1FEgtG-bs9seR2dfgGTKxvS_5dUcGfh80BL324v2XYYFEi6Rygf_f7GyEM7wj_8DI94uVfSJKGYN7k-xggKRlmLg_6fAsbEBqSDGH9i9hUmasS1JnFon8iau0YT5jgoKLmbwfi1ZyWi2BjfsxsbwUWSPz2mNyba55nGaidnpAXjR6KLV_QmKX0Fh-6Pv5w3-bKyM__LwbL39aH6617d_rb4nsIOf-mGL9XzK8MftJdBLX-HzkXA2H4qYKSxu73JH-4jeLrklUWIXnp9qRPnSsR_E_XzDTNwQBZGcr-7tCE1kNHCEOCo4ZEBO6Fm74F0mf15NKQOBHlawm_ATIUAQ48ckCWmETlo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hockey.jpg
donnael.com/images/banners/ 17 KB
17 KB 86ms
85ms Image
image/jpeg 52.49.148.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donnael.com/images/banners/hockey.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.49.148.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-148-87.eu-west-1.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

5771f0744565465b8b7eaeefebfe55ab2e879313cb8cf2bd0b70e7189ecf5187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:22:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Feb 2023 15:37:53 GMT
Server: nginx/1.18.0
ETag: "43db-5f573e99d5640"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17371

GET
H2 200 bwin.png
img.donnael.com/image/banners/ 4 KB
4 KB 50ms
50ms Image
image/png 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/bwin.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b72b37dd0422111e88316f51899a6716ca785a2e90da0073a590d20bf6b640b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Mon, 20 Mar 2023 15:23:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "ece-5f75682e0b9be"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3790
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 bet_at_home.png
img.donnael.com/image/banners/ 4 KB
4 KB 53ms
52ms Image
image/png 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/bet_at_home.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6a68b2660f22464675bdfda23405ffc10a9820ca923e484e93f855f853de0a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Thu, 19 Oct 2023 16:36:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "ec7-608145a1eff5e"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3783
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 pinnacle.jpg
img.donnael.com/image/banners/ 3 KB
4 KB 51ms
51ms Image
image/jpeg 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/pinnacle.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f2b96abe4de312cee89d5434d7c9970a8be505d6cf83e386f0ef937f3cb8b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Mon, 20 Mar 2023 15:23:35 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "df9-5f75682b2760b"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3577
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 williamhill.png
img.donnael.com/image/banners/ 10 KB
10 KB 56ms
56ms Image
image/png 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/williamhill.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c134a8d8d1827807e1c338901ab3f8d7f0ca3edf6450914694b3fba87b2c9f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Mon, 20 Mar 2023 15:23:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "279f-5f75682849fb7"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10143
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 marathon.jpg
img.donnael.com/image/banners/ 2 KB
2 KB 54ms
53ms Image
image/jpeg 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/marathon.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 969e67d0516c9ddd8f49dbde3689ae00ebefac0a4f9134ec6540e35583281837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Sat, 22 Apr 2023 12:33:44 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "788-5f9ebfc0810b4"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1928
expires: Mon, 22 Jan 2024 17:22:50 GMT

GET
H2 200 bovada.jpg
img.donnael.com/image/banners/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 194.247.12.182
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.donnael.com/image/banners/bovada.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.247.12.182 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web113.default-host.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d134dc7f7f957b34f0f971044f5bf573f99538ceca82fec9edda01bd62bda7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donnael.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:22:50 GMT
last-modified: Mon, 20 Mar 2023 15:23:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6ba-5f75682e7dddc"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1722
expires: Mon, 22 Jan 2024 17:22:50 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 205ms
204ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://donnael.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://donnael.com
Date: Mon, 08 Jan 2024 17:22:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3782 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwqGxuBjcH1dwy03uFW7eT5t5fx8ItXa_qv1_FO7E_PqKOSLAYPG49u1_2WJvtQepR_wgCPVH5e6Tvfl58C2ikF_If2FJANeAUe9vCMDDR-OHv&sig=Cg0ArKJSzFFvyAWFIM7SEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704734570288&rpt=323&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:22:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935	1969-12-31 23:59:59	Name: Value: NaN
donnael.com/Hockey.php/Sparta-Warriors/Stavanger-Oilers/179935	1969-12-31 23:59:59	Name: offset Value: 1
donnael.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jbuj6dvl06k9ifa1uuu0fpl7tt
.donnael.com/	1970-01-21 03:08:14	Name: sc_is_visitor_unique Value: rx7414147.1704734570.E4E4BC04A5214F09840BD88E1A91E2C1.1.1.1.1.1.1.1.1.1
.donnael.com/	1970-01-21 03:08:14	Name: _ga_67J3FCCWQR Value: GS1.1.1704734570.1.0.1704734570.60.0.0
.donnael.com/	1970-01-21 03:08:14	Name: _ga Value: GA1.1.652491964.1704734570
campaigns.williamhill.com/	1970-01-21 03:08:14	Name: CEK Value: a
www.clarity.ms/	1970-01-21 02:17:50	Name: CLID Value: 8ea69427bce446a88a5c6ceffd05588e.20240108.20250107
.donnael.com/	1970-01-21 02:17:50	Name: _clck Value: 1r69j2p%7C2%7Cfi8%7C0%7C1468
.statcounter.com/	1970-01-21 03:08:14	Name: is_unique Value: sc7414147.1704734570.0
campaigns.williamhill.com/	1970-01-20 19:41:50	Name: XYZ Value: 120&10&148&&&&0&1&&08ccc2ce-62f5-4f4c-9f29-43a5eaeafd87&a_1272b_328&&
campaigns.williamhill.com/	1970-01-20 19:41:50	Name: A_328 Value: a=328&r=0&fv=20240108&lv=20240108052250&vc=1&fc=0&lc=0&cc=0
.doubleclick.net/	1970-01-20 21:51:26	Name: APC Value: AfxxVi5z7bNYqbgAob4zvug34B2kauogevtWxclfQuIq2gBRH0rYRw
.doubleclick.net/	1970-01-21 02:53:50	Name: IDE Value: AHWqTUl8mA9QmhDPS7J8-ftnPXpmhaU9jLpIjH7RtTU1XDpVDXshid3irUqmDGHAKTw
.bing.com/	1970-01-21 02:53:50	Name: MUID Value: 216054423E0560F31D6840423F8E6161
.c.bing.com/	1970-01-20 17:42:19	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:53:50	Name: SRM_B Value: 216054423E0560F31D6840423F8E6161
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:53:50	Name: MUID Value: 216054423E0560F31D6840423F8E6161
.c.clarity.ms/	1970-01-20 17:42:19	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:32:15	Name: ANONCHK Value: 0
.donnael.com/	1970-01-20 17:33:40	Name: _clsk Value: 15r61ng%7C1704734571159%7C1%7C1%7Co.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.bing.com
c.clarity.ms
c.statcounter.com
campaigns.williamhill.com
donnael.com
googleads4.g.doubleclick.net
img.donnael.com
news.google.com
o.clarity.ms
pagead2.googlesyndication.com
play.google.com
region1.analytics.google.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
wlwilliamhill.eacdn.com
www.clarity.ms
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
104.20.95.138
142.250.181.230
194.247.12.182
20.93.81.72
2001:4860:4802:32::36
216.58.206.34
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
52.152.143.207
52.49.148.87
68.219.88.97
0948e45357a36f6a9cb173ffa0d40de7f2442399f7a6c8c9dbec1c138543370f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10ad2eb28481eaee61455d905f74265f2160495459d47b7c0cb39263d42a30fb
11b8d317dbb1c4a558356b812d18a65a83da56d511b245fb3bf7862f214972bc
138b72395cab8ac91fc057234d66e1bb7d47a2610cff0a9a87317f1290574c7f
14fc3cd4e91a066734186c7fdfd8f8365371e89576caa8cf1b4c8283ea4381b9
1891877d38db13f2058d9b178ef8190b0aeebafbdbd9ad102ab964f88ecc6f74
1d1a67504ef7581180b4baa4324d7c888d11c5ffa8cf1f289d0b820e672d9977
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2c4b6ade9aa4548b635ce4babd1f1fd206ca7225a61bb105ad93de3b6834d6b2
360a0c4e734a2ac9119622c69f9b2472c58d2aa10bff1eb488bd5171fa470e5c
3bd02027a83e7d07ff234f64d1e9e2bfd8fc70159cdc112d32602649b2d2ee05
40dd8d5ca80f5a3e068465e99fd98c0303e8b237293ecae7910ed1b4f4172ae8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b34b1bbcc15dfdb80741dada8e243ec4d21a4dd3588d189e73927ec4182440a
4c9d05d33d85643fe4f99429796587fa62189731cfd4e094f63d4f115191148f
4e41e944029d1409dc9a9a01d356e2cdaeeed33d44fad3b06a7a74a138ae9edc
4f2b96abe4de312cee89d5434d7c9970a8be505d6cf83e386f0ef937f3cb8b73
4f32cc1faca9487d039fd2a4ffe0a4def1c65017d69ba1eb11b72aa5d8c33eb7
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5089c937da3e67adac3cf3db2568b9f19520ebb1761bf3661269665ffc7a7b71
5771f0744565465b8b7eaeefebfe55ab2e879313cb8cf2bd0b70e7189ecf5187
5ec8f2a3466f26fda9fee8e4a7521de11113b36faedee8d6a337ec0afcfca0fe
6158b4723a0c309007799226d5be7ec179c8c5e20228b344180eb71fbe96715a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67c8df5675bcf4511704d07628cf16cfe73813a35f6309bf96085105b7d87347
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6a68b2660f22464675bdfda23405ffc10a9820ca923e484e93f855f853de0a36
6b0e3324e429daca69f10b20ca426ca3d8988004230bff195b5e4e55f1792df7
6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7809f038ce7734054ce121dc414cac781a1217ee6b58f9c8eb5f10fc16ba0c02
837cd33ab9189c174210a69a54282df86faffe2c6c42bb36fbeed32ba0c2e8cb
88192749e57dd3f87196fdc680f3f826fa7f967ffae4dfc8fe0f6718dab1531c
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8c2eb6a48bdaf70d84b6856aafc35a9cfa880ec5486b70d55ced577327a60fba
8ef78664b248487c0ef262cab2e051c35305af75f2c9bef4fa63f7e0995f9461
8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2
969e67d0516c9ddd8f49dbde3689ae00ebefac0a4f9134ec6540e35583281837
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
9da96df665bfd5a5f47360b9e611f9b1e748bcb40f40aef989847f994e5cb218
a880fda88ec3f82476ad854651df1ce32bad3f75f780d8cbb6b312e5c8e27cac
ae28dc9daf469163b65245d2cf73d8984dd925091b0a6c0b6458b45ce40f9a60
aefe195dcc9d247fd9d922f6d82e655616dfc44c0e55bfbae670f4d1e9c37383
b72b37dd0422111e88316f51899a6716ca785a2e90da0073a590d20bf6b640b1
c134a8d8d1827807e1c338901ab3f8d7f0ca3edf6450914694b3fba87b2c9f73
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
caa3fccdd9ca7cb42f1316e5df673eec4c5552e9ff1254862ceb4e79d87e24d0
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d134dc7f7f957b34f0f971044f5bf573f99538ceca82fec9edda01bd62bda7d7
d294e9f135178625096e835a473b8b028c8b6a13cd21d89f9a96cf68ea80b7c6
d35061382f7fe798bfdc81dd5837f6ebe1896bdb5c1cb1edbf960911821bcdd4
d3f912a825544184b6573c674a050d6e93231d6fb521ba4f5f4db4f3ad07fcec
d43d34bd072fefe8cc28ac399acb9b60beb8cb79a1e34955f239c2ab2b40c67e
daa6cec5b5f0aabe5c253f67d0231ae145ede1b00d41c1cb3495c3a85384bfa6
de4a8c341c29b7696b8c6b85f3d249550518881dafd0b332d907b0d95e0018c4
e07be80e60bedb545dbff5206e147243fcd63a485c33ab367f679d61e1d36846
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e865915d8528d6d2be8ce6c2afbfe14bcf2e14077ff0c8ec394724eed0914b5a
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f077b38fb83002ec1e1a36bb2c5a37dac063dc8b7b058f863389b7c1187e0733
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939
ff7eafadb82f284e91db870a49431c08af54cd90672e8f6146dbafff61837426
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

donnael.com Open in urlscan Pro 52.49.148.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

62 %IPv6

14 Domains

23 Subdomains

20 IPs

6 Countries

1084 kBTransfer

2526 kBSize

22 Cookies

9 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

donnael.com Open in urlscan Pro
52.49.148.87 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

62 %
IPv6

14
Domains

23
Subdomains

20
IPs

6
Countries

1084 kB
Transfer

2526 kB
Size

22
Cookies

85 HTTP transactions
0 data transactions