URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Submission: On November 30 via manual from BN — Scanned from CA

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 25 HTTP transactions. The main IP is 104.21.31.24, located in and belongs to CLOUDFLARENET, US. The main domain is hofoo22.fooroomtyv.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time hofoo22.fooroomtyv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.21.31.24 13335 (CLOUDFLAR...)
1 142.251.163.95 15169 (GOOGLE)
2 142.251.167.97 15169 (GOOGLE)
2 142.250.31.97 15169 (GOOGLE)
2 142.251.111.95 15169 (GOOGLE)
1 104.21.13.23 13335 (CLOUDFLAR...)
1 172.253.122.156 15169 (GOOGLE)
1 172.253.122.149 15169 (GOOGLE)
3 172.253.63.94 15169 (GOOGLE)
1 64.233.180.156 15169 (GOOGLE)
3 142.251.167.139 15169 (GOOGLE)
25 12
Apex Domain (Transfer)
  Subdomains
7 fooroomtyv.com (364 KB)
  hofoo22.fooroomtyv.com
5 google-analytics.com (39 KB)
  ssl.google-analytics.com — Cisco Umbrella Rank: 972
  www.google-analytics.com — Cisco Umbrella Rank: 36
3 gstatic.com (28 KB)
  www.gstatic.com
3 googleapis.com (175 KB)
  ajax.googleapis.com — Cisco Umbrella Rank: 415
  imasdk.googleapis.com — Cisco Umbrella Rank: 506
2 googletagmanager.com (183 KB)
  www.googletagmanager.com — Cisco Umbrella Rank: 39
1 googlesyndication.com (16 KB)
  pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 2mdn.net (17 KB)
  s0.2mdn.net — Cisco Umbrella Rank: 373
1 doubleclick.net (40 B)
  securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
1 upfootvid.com (69 KB)
  bnj6.upfootvid.com
0 arsnivyr.com Failed
  arsnivyr.com Failed
25 10
   Domain                          Requested by
7  hofoo22.fooroomtyv.com          hofoo22.fooroomtyv.com
3  www.google-analytics.com        hofoo22.fooroomtyv.com, www.googletagmanager.com
3  www.gstatic.com                 hofoo22.fooroomtyv.com, www.gstatic.com
2  imasdk.googleapis.com           hofoo22.fooroomtyv.com, imasdk.googleapis.com
2  ssl.google-analytics.com        hofoo22.fooroomtyv.com
2  www.googletagmanager.com        hofoo22.fooroomtyv.com, www.googletagmanager.com
1  pagead2.googlesyndication.com   imasdk.googleapis.com
1  s0.2mdn.net                     imasdk.googleapis.com
1  securepubads.g.doubleclick.net  imasdk.googleapis.com
1  bnj6.upfootvid.com              hofoo22.fooroomtyv.com
1  ajax.googleapis.com             hofoo22.fooroomtyv.com
0  arsnivyr.com Failed             hofoo22.fooroomtyv.com
25 12

This site contains no links.

Subject                  Issuer                   Validity                 Valid
fooroomtyv.com           WE1                      2024-11-18 - 2025-02-16  3 months
upload.video.google.com  WR2                      2024-10-21 - 2025-01-13  3 months
*.google-analytics.com   WR2                      2024-10-21 - 2025-01-13  3 months
upfootvid.com            Cloudflare Inc ECC CA-3  2024-02-15 - 2024-12-31  a year
*.g.doubleclick.net      WR2                      2024-10-21 - 2025-01-13  3 months
*.doubleclick.net        WR2                      2024-10-21 - 2025-01-13  3 months
*.gstatic.com            WR2                      2024-10-21 - 2025-01-13  3 months

This page contains 3 frames:

Primary Page: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Frame ID: AEFF10CB022D4868967F497E20C2698E
Requests: 23 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Frame ID: 4F3496D424DBCD7DD86BE6B56346772D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 57C57A702383755ECF7B9F85866BBC6D
Requests: 1 HTTP requests in this frame

Page Title

West Ham v Arsenal

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 0 %
Domains: 10
Subdomains: 12
IPs: 12
Countries: 2
Transfer: 890 kB
Size: 3281 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request GDSQBqCMaHZAW
hofoo22.fooroomtyv.com/embed/
16 KB
5 KB
Document
General
Full URL
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2cc65ec38582c91f11b6bdcebdc96cabf323fc406a48e380535e2d79e4d902

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
content-type, accept
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
* *
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8ead966a0fb439fc-YYZ
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sat, 30 Nov 2024 20:29:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0x6k%2BXLfQOcSri56fJj61f%2FeGzlstTjm8bDTjEvMGF2iUGN1fP4ZR7X3D4aRGd0G8JgAao7aJdz0wVBgQYNshr%2BI2Y0cba0w9DOGff1Jk58HMvOKa9l6PkoXqwqL%2B7ARjDl5lH1YY9b2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=27241&min_rtt=26497&rtt_var=5043&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2379&delivery_rate=137345&cwnd=150&unsent_bytes=0&cid=2f829476acf85c06&ts=176&x=0"
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.3
styles.css
hofoo22.fooroomtyv.com/Content/
3 KB
2 KB
Stylesheet
General
Full URL
https://hofoo22.fooroomtyv.com/Content/styles.css
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aaba1c6309575a7724d03abcee9213657f9e2eb1c54f605e9061192b2b9bfc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"df86f19f434fd41:0"
age
1402039
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKS%2F%2FYRCaRZ8WfbkNWUsWqV5GXBjoSWDzmyLkljfxvLa5yg56yXzY41M1tpkdhiXWUq3kHCchg1nOR7yC%2Bf4GtvhZN99ymDBhYBcG27peCuDx5NzSFqoKGNqltCnTKbQwkxg3MSN05VL"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=27348&min_rtt=26497&rtt_var=3031&sent=19&recv=16&lost=0&retrans=0&sent_bytes=9544&recv_bytes=2621&delivery_rate=377401&cwnd=153&unsent_bytes=0&cid=2f829476acf85c06&ts=1006&x=0"
date
Sat, 30 Nov 2024 20:29:05 GMT
content-type
text/css
last-modified
Tue, 18 Sep 2018 11:34:56 GMT
vary
Accept-Encoding
access-control-allow-headers
content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead96700eb339fc-YYZ
access-control-allow-origin
*
server
cloudflare
crmv-vast511.min.js
hofoo22.fooroomtyv.com/Scripts/rmvmp511/
2 MB
328 KB
Script
General
Full URL
https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a156e37622cc61287598efb40f5cf7008d0f6866e6983c8dd409f436ec588b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"ba2e187f5bdd61:0"
age
1402039
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=su1k368YATx7sVspGuY9sSrsut%2Bir1ly9pxwTwVRmF%2FyWdA7qhWqefb32T8EX%2BPdNhnfI4aXZ9BiWD76iGlzEs%2Bd9qqTaVvrxkZ%2BEQ6TIcM0iU57ssRcopn%2FVOzwux5LBbLvTy2cTh%2Br"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=27348&min_rtt=26497&rtt_var=3031&sent=22&recv=16&lost=0&retrans=0&sent_bytes=11262&recv_bytes=2621&delivery_rate=377401&cwnd=153&unsent_bytes=0&cid=2f829476acf85c06&ts=1008&x=0"
date
Sat, 30 Nov 2024 20:29:05 GMT
content-type
application/javascript
last-modified
Wed, 18 Nov 2020 21:55:29 GMT
vary
Accept-Encoding
access-control-allow-headers
content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead96700eb639fc-YYZ
access-control-allow-origin
*
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
age
145839
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 03:58:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 03:58:26 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30244
x-xss-protection
0
server
sffe
1
arsnivyr.com/
0
0

js
www.googletagmanager.com/gtag/
318 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6T0W0C33T6
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4fc78f1f1c29b287457b250f90e1f3abd4a5b4a704209edad0ba228cd174fd8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 30 Nov 2024 20:29:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109015
x-xss-protection
0
server
Google Tag Manager
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
age
1993
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 21:55:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 19:55:53 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
17168
server
Golfe2
rmp-s1.min.css
hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/
83 KB
14 KB
Stylesheet
General
Full URL
https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/rmp-s1.min.css
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7ca66138172ef4bde41b0cb74053f628ece0e9e6e31a35d1cbb830b558c1a91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"d5d1abf3bdd61:0"
age
1404033
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stOAF6ejJHxBDdrdxGmczKnahCKb9cZudRLmIfD8M2c2rtSErgAN9bGhhSTFbDTPMuKl2n8Zl0j87x18FFFWr2MDSpnSW8EZa6I1N9dbwzD6BybWsGbh2IdRHWWkEYH9FrsmNDTJazHc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28080&min_rtt=24250&rtt_var=14332&sent=14&recv=8&lost=2&retrans=3&sent_bytes=4315&recv_bytes=3147&delivery_rate=926&cwnd=8400&unsent_bytes=0&cid=6bbc46be7f3b7099&ts=1101&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
text/css
last-modified
Wed, 18 Nov 2020 21:42:09 GMT
vary
Accept-Encoding
access-control-allow-headers
content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead9671fce336bc-YYZ
access-control-allow-origin
*
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/
424 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
sffe /
Resource Hash
977bd6573db0c146bae702f95e3af7a1f5d00899c3c9fb1afff078a71a893149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 20:29:06 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148132
date
Sat, 30 Nov 2024 20:29:06 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
0.png
bnj6.upfootvid.com/UpFiles/2024/11/30/51/292817/
68 KB
69 KB
Image
General
Full URL
https://bnj6.upfootvid.com/UpFiles/2024/11/30/51/292817/0.png?token=30112024222905
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.23 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2752d2aaa7588d4a464ea9f798c795c56ad4a7a677ff0a1cdb2d6a0d97f119

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cf-cache-status
MISS
etag
"6e225beb6343db1:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uytfkH55Mjkjlz8kRMX5yzpGAbRYHNq58hbEhOlHTni5SzU5AxGtDIKCWkUc3BO2WBDMjwWyPqu0KtOCKdVM6jwHliKTatDKXSASVX8Q072G%2FW0ndtovizi72uiqinabIGNG3C4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
expires
604800
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32350&min_rtt=26699&rtt_var=14721&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3839&recv_bytes=2296&delivery_rate=145747&cwnd=201&unsent_bytes=0&cid=d9f3e2e0ace5be2a&ts=282&x=0"
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 20:10:36 GMT
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, origin, content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
access-control-allow-credentials
true
cf-ray
8ead9672fb17ac5e-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
69371
server
cloudflare
rmp-font.woff2
hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/fonts/
9 KB
10 KB
Font
General
Full URL
https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/fonts/rmp-font.woff2?s73jsd
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/rmp-s1.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f61c0b0df63d46075f6c7b82cfdcf833dcee642cfa41b55bbdec201c893359c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hofoo22.fooroomtyv.com
Referer
https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/css/rmp-s1.min.css

Response headers

cf-cache-status
HIT
etag
"cf3f81bff3bdd61:0"
age
1401260
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoysnlGNV9VkC%2FHATZ%2FLF4BVXzetsT144ifGVaZIUWUeOX1iLHmSYP3MFEzpfVToiMFf6GYXrhNS5BWTFixsDVWyrsgX6SzZ1maf15pN1AQ1ConFNkrscUASfF13p53dodHpwtNNNIgp"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30927&min_rtt=24250&rtt_var=6932&sent=29&recv=17&lost=2&retrans=3&sent_bytes=18990&recv_bytes=3862&delivery_rate=175384&cwnd=8400&unsent_bytes=0&cid=6bbc46be7f3b7099&ts=1195&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
font/x-woff2
last-modified
Wed, 18 Nov 2020 21:42:44 GMT
vary
Accept-Encoding
access-control-allow-headers
content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead96729d8736bc-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9204
server
cloudflare
__utm.gif
ssl.google-analytics.com/r/
35 B
410 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1531735380&utmhn=hofoo22.fooroomtyv.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-ca&utmje=0&utmfl=-&utmdt=West%20Ham%20v%20Arsenal&utmhid=1306135013&utmr=-&utmp=%2Fembed%2FGDSQBqCMaHZAW&utmht=1732998546382&utmac=UA-79429268-4&utmcc=__utma%3D94166148.1463724681.1732998546.1732998546.1732998546.1%3B%2B__utmz%3D94166148.1732998546.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1006679380&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:169:0"}],}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:169:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
18 B
40 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fhofoo22.fooroomtyv.com%2Fembed%2FGDSQBqCMaHZAW
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 20:29:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
16
date
Sat, 30 Nov 2024 20:29:06 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 4F34
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f95.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hofoo22.fooroomtyv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
108495
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257602
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 14:20:53 GMT
expires
Sat, 29 Nov 2025 14:20:53 GMT
last-modified
Wed, 20 Nov 2024 19:20:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 20:29:06 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Sat, 30 Nov 2024 20:29:06 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
292817
hofoo22.fooroomtyv.com/PlayerAnalytics/TrackVideoHostStatus/
109 B
825 B
Fetch
General
Full URL
https://hofoo22.fooroomtyv.com/PlayerAnalytics/TrackVideoHostStatus/292817
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc13e2c17fc0c67b652da5aa72d39167fb1bb8fa500813d4b2110e90568a749

Request headers

Referer
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lM30qzCegYxLo3xIBIS7r3uK3AfmlxWkz1KpmqLHjgCoSxJA5ud6cpp2lKpwO6dj21lOSvT62RkfcJCj0oJNWzRiD1%2Fi4EEX%2Fe6JUzGxTJ5k8tcIH6qkZQmXwNBAzahFyYZDafyenBAW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32565&min_rtt=24250&rtt_var=5846&sent=40&recv=24&lost=2&retrans=3&sent_bytes=29189&recv_bytes=4684&delivery_rate=211275&cwnd=8400&unsent_bytes=0&cid=6bbc46be7f3b7099&ts=1797&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
content-type, accept
cache-control
private
x-aspnet-version
4.0.30319
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead967538a936bc-YYZ
access-control-allow-origin
same, *
x-aspnetmvc-version
5.3
server
cloudflare
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 20:29:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 57C5
45 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f156.1e100.net
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1149
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 21:09:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:09:57 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6T0W0C33T6&gtm=45je4bk0v891005601za200&_p=1732998546215&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1875758014.1732998547&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732998546&sct=1&seg=0&dl=https%3A%2F%2Fhofoo22.fooroomtyv.com%2Fembed%2FGDSQBqCMaHZAW&dt=West%20Ham%20v%20Arsenal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1907
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hofoo22.fooroomtyv.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/
210 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79429268-4&l=dataLayer&cx=c&gtm=45je4bk0v891005601za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6T0W0C33T6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0a0daa3f2d4aa7eb5b9fbabac5b007ee620fce52fcf5c26682644c08cf4d3e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 30 Nov 2024 20:29:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 30 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77337
x-xss-protection
0
server
Google Tag Manager
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 20:29:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:06 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
cache-control
private, max-age=0
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
12197
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/131/
48 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/131/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
b9ea7368bdeb874b872c57df21fdad4d93ce2219a6e32cb718ad1a8b9095773a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
age
18191
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 15:25:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 15:25:55 GMT
last-modified
Mon, 07 Oct 2024 15:05:07 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
14212
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79429268-4&l=dataLayer&cx=c&gtm=45je4bk0v891005601za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

content-encoding
gzip
age
2937
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 21:40:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 19:40:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
favicon.ico
hofoo22.fooroomtyv.com/
4 KB
4 KB
Other
General
Full URL
https://hofoo22.fooroomtyv.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.31.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1902769489c2aa26a1ad2e5266fb996ef22d48119c51b5da38bd7c3d376535

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"afdc395294ed61:0"
age
12029980
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vF1rjAdWJ8l1m%2Bohnwub3SdPrlqF7cv%2FBFbMtRZe2550EFXKTnZS6GeSTebbTL1gIK3nyTEB4F9tj1ONY%2FOVNYHgvk%2BOAaruLtCXjoekiiJiQYVitV7FvSP2tg7SqlDCCo1RwgJRSKtw"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32065&min_rtt=24250&rtt_var=5384&sent=43&recv=26&lost=2&retrans=4&sent_bytes=30919&recv_bytes=5340&delivery_rate=5180&cwnd=8400&unsent_bytes=0&cid=6bbc46be7f3b7099&ts=3356&x=1", cfHdrFlush;dur=0
date
Sat, 30 Nov 2024 20:29:08 GMT
content-type
image/x-icon
last-modified
Mon, 29 Jun 2020 15:25:56 GMT
vary
Accept-Encoding
access-control-allow-headers
content-type, accept
cache-control
public, max-age=25920000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ead96800c1a36bc-YYZ
access-control-allow-origin
*
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6T0W0C33T6&gtm=45je4bk0v891005601za200&_p=1732998546215&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1875758014.1732998547&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732998546&sct=1&seg=0&dl=https%3A%2F%2Fhofoo22.fooroomtyv.com%2Fembed%2FGDSQBqCMaHZAW&dt=West%20Ham%20v%20Arsenal&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6914
Requested by
Host: hofoo22.fooroomtyv.com
URL: https://hofoo22.fooroomtyv.com/Scripts/rmvmp511/crmv-vast511.min.js?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hofoo22.fooroomtyv.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hofoo22.fooroomtyv.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 20:29:11 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
arsnivyr.com
URL
https://arsnivyr.com/1?z=5561100

Verdicts & Comments

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| Hls function| FuckAdBlock object| rmpGlobals function| RadiantMP function| $ function| jQuery object| _gaq function| gtag object| dataLayer object| settings string| elementID object| rmp object| rmpContainer object| env function| getParentDomainName function| trackVideoAds function| trackVideoHostedOn object| _gat object| gaGlobal object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ggeac object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| google_tag_data object| closure_lm_348733 object| google_tag_manager function| onYouTubeIframeAPIReady object| cast string| GoogleAnalyticsObject function| ga object| closure_lm_47469 object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
.hofoo22.fooroomtyv.com/ Name: __utma
Value: 94166148.1463724681.1732998546.1732998546.1732998546.1
.hofoo22.fooroomtyv.com/ Name: __utmc
Value: 94166148
.hofoo22.fooroomtyv.com/ Name: __utmz
Value: 94166148.1732998546.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.hofoo22.fooroomtyv.com/ Name: __utmt
Value: 1
.hofoo22.fooroomtyv.com/ Name: __utmb
Value: 94166148.1.10.1732998546
.fooroomtyv.com/ Name: _ga_6T0W0C33T6
Value: GS1.1.1732998546.1.0.1732998546.0.0.0
.fooroomtyv.com/ Name: _ga
Value: GA1.2.1875758014.1732998547
.fooroomtyv.com/ Name: _gid
Value: GA1.2.206800612.1732998547

2 Console Messages

Source Level URL
Text
network error URL: https://arsnivyr.com/1?z=5561100
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
rendering warning URL: https://hofoo22.fooroomtyv.com/embed/GDSQBqCMaHZAW (Line 14)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0305A09AC0C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
