urlscan.io logo urlscan.io
SecurityTrails logo

www.haxball.com Open in urlscan Pro
104.21.32.203  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Submission: On December 13 via manual from GT — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 18 domains to perform 87 HTTP transactions. The main IP is 104.21.32.203, located in and belongs to CLOUDFLARENET, US. The main domain is www.haxball.com. The Cisco Umbrella rank of the primary domain is 490020.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time www.haxball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.21.32.203 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
8 198.24.167.210 19437 (SS-ASH)
2 2607:f8b0:400... 15169 (GOOGLE)
4 152.199.24.162 15133 (EDGECAST)
7 2607:f8b0:400... 15169 (GOOGLE)
2 198.24.170.27 19437 (SS-ASH)
1 64.31.34.110 46475 (LIMESTONE...)
1 68.67.181.231 29990 (ASN-APPNEX)
2 212.102.45.225 60068 (CDN77 Dat...)
1 2 18.238.49.74 16509 (AMAZON-02)
3 116.202.160.46 24940 (HETZNER-A...)
2 38.99.107.11 174 (COGENT-174)
1 34.96.70.202 396982 (GOOGLE-CL...)
3 65.108.231.149 24940 (HETZNER-A...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2600:141b:1c0... 20940 (AKAMAI-AS...)
3 142.251.40.230 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 38.98.69.171 174 (COGENT-174)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
2 34.117.228.201 396982 (GOOGLE-CL...)
7 23.196.3.205 20940 (AKAMAI-AS...)
1 1 34.117.208.66 396982 (GOOGLE-CL...)
1 34.128.139.172 396982 (GOOGLE-CL...)
1 52.7.27.64 14618 (AMAZON-AES)
87 27
16    104.21.32.203 (None, )

ASN13335 (CLOUDFLARENET, US)
www.haxball.com
2    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    198.24.167.210 (Ashburn, United States)

ASN19437 (SS-ASH, US)
PTR: node155.mcprohosting.com
server.cpmstar.com
2    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    152.199.24.162 (United States)

ASN15133 (EDGECAST, US)
ssl.cdne.cpmstar.com
7    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    198.24.170.27 (Ashburn, United States)

ASN19437 (SS-ASH, US)
saproxy.cpmstar.com
1    64.31.34.110 (Los Angeles, United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 110-34-31-64.static.reverse.lstn.net
shb.richaudience.com
1    68.67.181.231 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 1044.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    212.102.45.225 (Denver, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-212-102-45-225.cdn77.com
static.sunmedia.tv
2    18.238.49.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-74.jfk52.r.cloudfront.net
sb.scorecardresearch.com
3    116.202.160.46 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.46.160.202.116.clients.your-server.de
t.richaudience.com
2    38.99.107.11 (Santa Clara, United States)

ASN174 (COGENT-174, US)
mpd.mxptint.net
1    34.96.70.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.70.96.34.bc.googleusercontent.com
ox-rtb-us-west1.openx.net
3    65.108.231.149 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.149.231.108.65.clients.your-server.de
t2.richaudience.com
2    2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2600:141b:1c00:f::172c:c9cc (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.doubleverify.com
3    142.251.40.230 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net
ad.doubleclick.net
2    2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2607:f8b0:4006:80a::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    38.98.69.171 (North Bergen, United States)

ASN174 (COGENT-174, US)
mpc.mxptint.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
7    23.196.3.205 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-196-3-205.deploy.static.akamaitechnologies.com
c.evidon.com
1    34.117.208.66 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.208.117.34.bc.googleusercontent.com
sync.graph.bluecava.com
1    34.128.139.172 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.139.128.34.bc.googleusercontent.com
p.alcmpn.com
1    52.7.27.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-27-64.compute-1.amazonaws.com
l.evidon.com
Apex Domain
Subdomains		 Transfer
16 haxball.com
www.haxball.com — Cisco Umbrella Rank: 490020
316 KB
14 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3384
ssl.cdne.cpmstar.com — Cisco Umbrella Rank: 46230
saproxy.cpmstar.com — Cisco Umbrella Rank: 115533
228 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
138 KB
8 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1794
l.evidon.com — Cisco Umbrella Rank: 1959
18 KB
7 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4166
t.richaudience.com — Cisco Umbrella Rank: 15366
t2.richaudience.com — Cisco Umbrella Rank: 22067
9 KB
6 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 481
tps.doubleverify.com — Cisco Umbrella Rank: 516
92 KB
3 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 145
33 KB
3 openx.net
ox-rtb-us-west1.openx.net — Cisco Umbrella Rank: 5317
us-u.openx.net — Cisco Umbrella Rank: 525
616 B
3 mxptint.net
mpd.mxptint.net — Cisco Umbrella Rank: 18877
mpc.mxptint.net — Cisco Umbrella Rank: 21577
8 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
41 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 332
33 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
778 B
2 sunmedia.tv
static.sunmedia.tv — Cisco Umbrella Rank: 23747
7 KB
2 gstatic.com
fonts.gstatic.com
47 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 alcmpn.com
p.alcmpn.com — Cisco Umbrella Rank: 3304
282 B
1 bluecava.com
sync.graph.bluecava.com — Cisco Umbrella Rank: 2390
769 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
828 B
87 18
Domain Requested by
16 www.haxball.com www.haxball.com
8 server.cpmstar.com www.haxball.com
server.cpmstar.com
ssl.cdne.cpmstar.com
7 c.evidon.com s0.2mdn.net
c.evidon.com
www.haxball.com
7 pagead2.googlesyndication.com ssl.cdne.cpmstar.com
ad.doubleclick.net
www.haxball.com
s0.2mdn.net
pagead2.googlesyndication.com
4 cdn.doubleverify.com mpd.mxptint.net
www.haxball.com
s0.2mdn.net
cdn.doubleverify.com
4 ssl.cdne.cpmstar.com server.cpmstar.com
ssl.cdne.cpmstar.com
3 ad.doubleclick.net www.googletagservices.com
www.haxball.com
3 t2.richaudience.com www.haxball.com
3 t.richaudience.com www.haxball.com
2 tps.doubleverify.com cdn.doubleverify.com
2 us-u.openx.net 1 redirects www.haxball.com
2 tpc.googlesyndication.com www.haxball.com
tpc.googlesyndication.com
2 s0.2mdn.net www.haxball.com
s0.2mdn.net
2 www.googletagservices.com mpd.mxptint.net
www.googletagservices.com
2 mpd.mxptint.net static.sunmedia.tv
mpd.mxptint.net
2 sb.scorecardresearch.com 1 redirects www.haxball.com
2 static.sunmedia.tv www.haxball.com
2 saproxy.cpmstar.com ssl.cdne.cpmstar.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.haxball.com
1 l.evidon.com www.haxball.com
1 p.alcmpn.com www.haxball.com
1 sync.graph.bluecava.com 1 redirects
1 mpc.mxptint.net www.haxball.com
1 ox-rtb-us-west1.openx.net static.sunmedia.tv
1 ib.adnxs.com ssl.cdne.cpmstar.com
1 shb.richaudience.com ssl.cdne.cpmstar.com
87 27

This site contains links to these domains. Also see Links.

Domain
blog.haxball.com
Subject Issuer Validity Valid
haxball.com
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
server.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2024-07-20 -
2025-08-21		 a year crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
ssl.cdne.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2024-02-25 -
2025-03-28		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
saproxy.cpmstar.com
R11		 2024-11-18 -
2025-02-16		 3 months crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2024-02-14 -
2025-02-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
sunmedia.tv
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.mxptint.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-26 -
2025-07-10		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-11 -
2025-03-14		 a year crt.sh
*.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2024-07-30 -
2025-08-31		 a year crt.sh
betrad.com
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
*.evidon.com
Amazon RSA 2048 M02		 2024-08-08 -
2025-09-06		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.haxball.com/play?c=KwAMdEfR6us
Frame ID: 1D0ED32452D25363841E01BF6456EF36
Requests: 22 HTTP requests in this frame

Frame: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Frame ID: 49917F53E832C86FD6EC764F728094B5
Requests: 18 HTTP requests in this frame

Frame: https://static.sunmedia.tv/sdks/ssp-display/0.1.0/ssp-display.js
Frame ID: 957C1FA458E5B9BB726D47F5482976C8
Requests: 9 HTTP requests in this frame

Frame: https://mpd.mxptint.net/1/S1/G1/T4806/js?siz=160x600&cpd=315623&ssl=1&mid=B4E6EC_1207EF8E0_4825239&bp=0.596913&dm=CE16F919505D2D5CCEF73833754385B5&ri=0&adid=1&uuid=BC0H_98U5wnEZomve49cv-8&gve=B2D1E0914D684F09EB68F9C6E145DD81&ghc=65CB7D1A0023&pub=539625136&dt=2&spox=AAABk8H-IR5109n4ouICU29EuT1iAqXXQh3J5g
Frame ID: F43079718AB4699FA4F1E2EAEC9679AB
Requests: 28 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements7000.js
Frame ID: 1F13EF9668A9E1342BC5E5497F6F96D4
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
Frame ID: 18FECC71625F9315A0849673D35A98F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5BF26A937D963D324B9BE7A097834507
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1693508555456514535/index.html?ev=01_253
Frame ID: 94F04B3D3C1016A8C01897352E7B3E0F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements7000.js
Frame ID: D1F2B37B2D16A7D2F5C0F4005050F49D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Haxball Play

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

87
Requests

91 %
HTTPS

26 %
IPv6

18
Domains

27
Subdomains

27
IPs

4
Countries

975 kB
Transfer

3054 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://sb.scorecardresearch.com/p?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1
Request Chain 59
  • https://us-u.openx.net/w/1.0/pd?plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea HTTP 302
  • https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
Request Chain 68
  • https://sync.graph.bluecava.com/ds.png?p=5d240b6c-d95e-11ed-8f0e-4201ac10000e&CID=CX320635&Site=N1277702.711084VALASSISCOMMUNICA&PID=382526821&CreativeID=225020658&Tagtype=Event&DeviceID=1&Key7=1&Key8=&Key9=&Key10= HTTP 302
  • https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=541ff24c-1c3e-41fb-b505-22a59b0e8724&chained=true

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request play
www.haxball.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f16a77491c7ec1f48b0bc9139fa411fb71067823a2ebfa4d4aee1080d793351
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f1927cd6bd4c360-EWR
content-encoding
zstd
content-type
text/html
date
Fri, 13 Dec 2024 21:47:56 GMT
expires
Fri, 13 Dec 2024 21:47:55 GMT
last-modified
Tue, 17 Sep 2024 11:17:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKgMkc85TSEC%2Bnl7d6ZSWdnY1lOsPOeMOeyx99%2BGQH8ccxwQyRzhQ6z%2FJ%2BSPygYCjgZpz7qUz3vj%2B1%2Bl5zpKUqbvVe%2FbWDxwARzyKeYwsw9UogHE%2F1zCqSboV1NHYt0SAt0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26357&min_rtt=26261&rtt_var=9917&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4096&recv_bytes=4368&delivery_rate=107512&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=52&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
style.css
www.haxball.com/30xIZB1N/s/ 		5 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/s/style.css
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8476eb0332838ea9448ce888c5f5c031731d1fb9368b408ff506bfb73bef50de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/play?c=KwAMdEfR6us

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"644e6e9f-14ec"
age
2370226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQeT6a5DZVahoXZngljyNuk%2BicQc%2BPdkTLZIBZgYZqlLrM7%2BSTxDt3Sr4BXcPsr04itj1x%2FtINVy%2B3cvC59lqnf1D3pEG9ggN%2BYpJEEM4aFchjEyMoBA55aNo7qlCFH3nFA%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 16 Dec 2024 11:24:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27158&min_rtt=22057&rtt_var=6879&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5611&recv_bytes=4834&delivery_rate=53205&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=101&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
text/css
last-modified
Sun, 30 Apr 2023 13:35:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2592000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927cdcc31c360-EWR
server
cloudflare
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:47:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 19:56:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
game.html
www.haxball.com/30xIZB1N/__cache_static__/g/ Frame 4991 		984 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5250d21b41b504df3f934916a7b359fe545a5d20eceb62b4bd0d7bc11836ff69
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.haxball.com/play?c=KwAMdEfR6us
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
3841
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8f1927cdec70c360-EWR
content-encoding
zstd
content-type
text/html
date
Fri, 13 Dec 2024 21:47:56 GMT
expires
Fri, 13 Dec 2024 20:43:54 GMT
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gypLRaqwJjPyMxbh4fMqtZmbAwMHP7SOo7q%2BnwpKUcfPZS7Mdi9JJ0wyuvdFQoeNHbEcXTHKt5FxZ95q%2BxPsnC0Zh5ZSbjeho8d9BHJJ%2Ftn%2Bxp41LD%2FDEbYkRByDiJ2ltcM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28234&min_rtt=22057&rtt_var=7311&sent=18&recv=13&lost=0&retrans=0&sent_bytes=8403&recv_bytes=5313&delivery_rate=67099&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=128&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
fontello.css
www.haxball.com/30xIZB1N/__cache_static__/g/icons/css/ Frame 4991 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/icons/css/fontello.css
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cae05e8108f18d094b4eed3c7e3ecb1dc6516f16d25445a1a78f064b75ab2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"644cbe0a-dcf"
age
2153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQON11a0Audw8CGKMaK%2BBHzN3QBHv3E%2B1yEkvlO4NnKLHK4LOLwkkSOxw1W%2FQr8UDl2cRBRSAmay6fq1mCnmIADQXL109OXDpuW8gffP3XgPgtyTrpKW8L9mCPnrV83EbGU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 21:12:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32810&min_rtt=22057&rtt_var=5221&sent=52&recv=27&lost=0&retrans=0&sent_bytes=43718&recv_bytes=7922&delivery_rate=318519&cwnd=22800&unsent_bytes=0&cid=14e877625f54824f&ts=216&x=1", cfExtPri, cfHdrFlush;dur=14
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
text/css
last-modified
Sat, 29 Apr 2023 06:49:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce4cd8c360-EWR
server
cloudflare
game.css
www.haxball.com/30xIZB1N/__cache_static__/g/ Frame 4991 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.css
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ec8d5cae103c9fddf86a62cb7c2213fba05392e9b21e358f763937b4f56e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d804f9-b883"
age
3570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0iNPSAd5TqxftTdmQOzwVEGW4H2ROm9burr3cUotVitbWa6RPZHUArbLXUCeyo3sxkRGy%2B%2BVIyX9Mru1o1Qirv0HGM%2B7pNARSP3tLwtS2WvbiKT2B%2B4AVzxoLAkjRegv4Q%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 20:48:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29775&min_rtt=22057&rtt_var=6852&sent=22&recv=22&lost=0&retrans=0&sent_bytes=9658&recv_bytes=7707&delivery_rate=56216&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=189&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
text/css
last-modified
Fri, 23 Feb 2024 02:37:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce4cdec360-EWR
server
cloudflare
css
fonts.googleapis.com/ Frame 4991 		17 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:47:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 19:56:04 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pako-jszip.min.js
www.haxball.com/30xIZB1N/__cache_static__/g/vendor/ Frame 4991 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/vendor/pako-jszip.min.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20284e99a96bdfd2d1549b7cbf69388b5fd1dab300bb39d83bdfd8cb6efa3ef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6442b006-122e4"
age
9237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ou5oB6UTZQP2SBrgylxwdRCcS3xXIKTRfhDrSmsu6m1dI3kZDYXV6p4xNwqQdoO3i%2Fx8bY6%2BeY%2F2lqGQBY9OYrsDrgRCPdXseJ0UZiLJhHSQt7IOvXKzR6YmwOdn1oMcYM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 19:13:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29775&min_rtt=22057&rtt_var=6852&sent=33&recv=22&lost=0&retrans=0&sent_bytes=21658&recv_bytes=7707&delivery_rate=56216&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=200&x=1", cfExtPri, cfHdrFlush;dur=11
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce5ce2c360-EWR
server
cloudflare
perfect-scrollbar.min.js
www.haxball.com/30xIZB1N/__cache_static__/g/vendor/ Frame 4991 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/vendor/perfect-scrollbar.min.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9c685f18f1a3434609a0765ccfbc5901fa704637906dd1753931197df4a854

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6442b006-4662"
age
3570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ed%2BYOXtyLyjmEuqQu3gYq7W3msoSZHkI6tYNu1JiUipIDkPa1pgiFWVon%2BbuGyjKOlGm8WpigdUR1GswD7pIAPtJylNLxP%2FvMSp2nUlEqlsjrV%2BcGWILkvSfRA%2FXDt6hYg8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 20:48:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32810&min_rtt=22057&rtt_var=5221&sent=52&recv=27&lost=0&retrans=0&sent_bytes=43718&recv_bytes=7922&delivery_rate=318519&cwnd=22800&unsent_bytes=0&cid=14e877625f54824f&ts=214&x=1", cfExtPri, cfHdrFlush;dur=20
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce5ce5c360-EWR
server
cloudflare
json5.min.js
www.haxball.com/30xIZB1N/__cache_static__/g/vendor/ Frame 4991 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/vendor/json5.min.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9504adee5f48fa0a97ee4e0ea82d31ac13d6d776b540a01d17761e17dfb6653

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6442b006-cf6"
age
2153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUp2ChN6EmAj2ABY2MPO0hz%2Bbdz9KoNyCQJ3%2ByPc76TksKshcHHw2cloJhwhRfz3NrpzRFxuICkPFBZz6EaLwnDFAT7%2FOctVQT8Ca4BAdsNGCwiOsz3ghew7jDpOPYO3BE8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 21:12:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32810&min_rtt=22057&rtt_var=5221&sent=52&recv=27&lost=0&retrans=0&sent_bytes=43718&recv_bytes=7922&delivery_rate=318519&cwnd=22800&unsent_bytes=0&cid=14e877625f54824f&ts=220&x=1", cfExtPri, cfHdrFlush;dur=14
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce5ce6c360-EWR
server
cloudflare
modernizr-custom.js
www.haxball.com/30xIZB1N/__cache_static__/g/ Frame 4991 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/modernizr-custom.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a374791cc6a5d9082b6df772a3eda50c8f00b848a60fce9d8ba8ab35392fd22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6442b006-17d3"
age
2153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4p2ca6ARFij20PZLqUcqYbYsl9KXiHQvQDSyEZi7YPSRB1G9IdMw%2Fk5LbPNHkUK6T7smAgdK7IjgETjQvJgkqDlDCGgxKWXAXDOifUYcaeIp1n%2F4GU5qcWnXw0d8dn6Y5bY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 21:12:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32810&min_rtt=22057&rtt_var=5221&sent=52&recv=27&lost=0&retrans=0&sent_bytes=43718&recv_bytes=7922&delivery_rate=318519&cwnd=22800&unsent_bytes=0&cid=14e877625f54824f&ts=225&x=1", cfExtPri, cfHdrFlush;dur=9
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce5ce7c360-EWR
server
cloudflare
game-min.js
www.haxball.com/30xIZB1N/__cache_static__/g/ Frame 4991 		168 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/game-min.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e0d185f8e994c0843d481c9a9830168e1a65630795504908f1450e83c39dc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e96095-2a177"
age
9237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aw05Ch1L8q9vfFN1js3atlViYcoE2QB51ZGM56657ZeIVKY7t1MdmKmyYlQVrI9xo3qOCCbODpXzZsgYECl957KGVilvqzakj9jvDmhuZtSJLD3uqfNKNzH9IiEYAsyO6M%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 19:13:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29775&min_rtt=22057&rtt_var=6852&sent=31&recv=22&lost=0&retrans=0&sent_bytes=19718&recv_bytes=7707&delivery_rate=56216&cwnd=12000&unsent_bytes=0&cid=14e877625f54824f&ts=189&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Tue, 17 Sep 2024 10:57:25 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ce5ce8c360-EWR
server
cloudflare
view.aspx
server.cpmstar.com/ 		744 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?poolid=26640&script=1&rnd=405380
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
fac2311cb65f2a9ed84c0fdca5bf406b03bbbec5d8aa150be72f744cf7ba65d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://www.haxball.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date
Fri, 13 Dec 2024 21:47:55 GMT
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/10.0
bg.png
www.haxball.com/30xIZB1N/s/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haxball.com/30xIZB1N/s/bg.png
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/s/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f1f0884823d2e627c9ab6e3587327f3c6e729cf1aba5a8da1ea6b5883b368

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/s/style.css

Response headers

cf-cache-status
HIT
etag
"59ebbbea-269"
age
1498720
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whc7P%2Bvm5MsPYzjHD4M6Pzna3YnMw2ud0Tn%2BvwfAqizzCGt%2BUAWvRarbKiCYWZh1RyC1Mv%2FiAUW6XoYRNFhGcjYnO%2FmaVhQypfc7SMe%2BJ%2BzBUs84YlOtpEvMpgo%2FtonAxg8%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 26 Dec 2024 13:29:16 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26539&min_rtt=22057&rtt_var=4507&sent=88&recv=37&lost=0&retrans=0&sent_bytes=81658&recv_bytes=8672&delivery_rate=627401&cwnd=38400&unsent_bytes=0&cid=14e877625f54824f&ts=242&x=1", cfExtPri, cfHdrFlush;dur=11
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
image/png
last-modified
Sat, 21 Oct 2017 21:28:10 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927cead40c360-EWR
accept-ranges
bytes
content-length
617
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.haxball.com
Referer
https://fonts.googleapis.com/

Response headers

age
31579
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 13:01:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 13:01:37 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
bg.png
www.haxball.com/30xIZB1N/__cache_static__/g/images/ Frame 4991 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/images/bg.png
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140f1f0884823d2e627c9ab6e3587327f3c6e729cf1aba5a8da1ea6b5883b368

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.css

Response headers

cf-cache-status
HIT
etag
"6442b006-269"
age
3570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJz8Qo597rBNhZ3YTaR63iBv0qdK4%2BhqVB0dWbqUGIPUeyMdcVmY8fRiOZrSFEXW9A%2BBToByOtK6C0bIEAGalYJILMO4ek6HemMRfDoiVCevZiOyGDYjw1nn80AWCBkKrQo%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 20:48:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27730&min_rtt=21627&rtt_var=2424&sent=129&recv=57&lost=0&retrans=0&sent_bytes=124724&recv_bytes=9896&delivery_rate=1580876&cwnd=63600&unsent_bytes=0&cid=14e877625f54824f&ts=280&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
image/png
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927ceed70c360-EWR
accept-ranges
bytes
content-length
617
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 4991 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.haxball.com
Referer
https://fonts.googleapis.com/

Response headers

age
31579
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 13:01:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 13:01:37 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
geo
www.haxball.com/rs/api/ Frame 4991 		52 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/rs/api/geo
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game-min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93699fc2643957c593352e8cac19e9ce95c7829b977519235fa3063b32f9de52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rggpibxNSbq0FwhhrpwFlklxKBwQXe6yKYaZbjHYU35P%2FQgxieOwuC%2BNsxpKJHlMSUa50MeeWmMyF4qSbQ0pp4G%2BEPKtXZMIRgnp2qq0SVCy0b6fQAsDJKNd%2BebK7fVh%2BNI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f1927cf1daac360-EWR
expires
Fri, 13 Dec 2024 21:47:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27266&min_rtt=21627&rtt_var=1496&sent=185&recv=71&lost=0&retrans=0&sent_bytes=189724&recv_bytes=11088&delivery_rate=1256844&cwnd=63600&unsent_bytes=0&cid=14e877625f54824f&ts=318&x=1", cfExtPri, cfHdrFlush;dur=27
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/json
server
cloudflare
priority
u=1,i
x-frame-options
SAMEORIGIN
res.dat
www.haxball.com/30xIZB1N/__cache_static__/g/ Frame 4991 		182 KB
183 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/res.dat
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/30xIZB1N/__cache_static__/g/game-min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080e94d92a34365d9f523cf53762fb88bb72befd57096c82edf07b93d39ff5cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

cf-cache-status
HIT
etag
"65d805af-2d91f"
age
9237
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSe29mRfxVr0TwCYIAnk4lEwHMKZn3r9GpkMjP04Tsxh%2BsVm91Exb1b%2BMb130NF0SMyWQGU%2BqEfV4xv0jOXw40JVZh78uc4oHPxkLDZxqnU6TwxAiT%2FX7DxwPESWgnANKl4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 19:13:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27266&min_rtt=21627&rtt_var=1496&sent=132&recv=71&lost=0&retrans=0&sent_bytes=126124&recv_bytes=11088&delivery_rate=1256844&cwnd=63600&unsent_bytes=0&cid=14e877625f54824f&ts=316&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/octet-stream
last-modified
Fri, 23 Feb 2024 02:40:47 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927cf1dacc360-EWR
accept-ranges
bytes
content-length
186655
server
cloudflare
lib.js
server.cpmstar.com/cached/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/cached/js/lib.js
Requested by
Host: server.cpmstar.com
URL: https://server.cpmstar.com/view.aspx?poolid=26640&script=1&rnd=405380
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
ETag
"804a87aedf7dd71:0"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
2069
Date
Fri, 13 Dec 2024 21:47:55 GMT
Content-Type
application/javascript
Last-Modified
Wed, 21 Jul 2021 03:22:49 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
51702520-b10a-4117-aa23-740b93350bfe
https://www.haxball.com/ Frame 4991 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.haxball.com/51702520-b10a-4117-aa23-740b93350bfe
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f9c01587a9ba2b036c7f87c0fe9152f128b61a7093c448a21b4bbade571c85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Content-Length
5250
62161bc2-f153-4582-9434-9676c527847e
https://www.haxball.com/ Frame 4991 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.haxball.com/62161bc2-f153-4582-9434-9676c527847e
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4ab7602bb71cbdf59c61a907aae983b57f173603f1c2bbb9894f3ae53a2f4a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Content-Length
1630
0f27c10b-db03-438e-8384-90c1246756cd
https://www.haxball.com/ Frame 4991 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.haxball.com/0f27c10b-db03-438e-8384-90c1246756cd
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10dab25945cda55bb4eee68f5ec1a4134c7c3a96a7f1b9a30a2156cdcd75b803

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Content-Length
1413
84c476fc-5457-48e2-9ef7-8c43c47faa44
https://www.haxball.com/ Frame 4991 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.haxball.com/84c476fc-5457-48e2-9ef7-8c43c47faa44
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1297e2d3b1f11bc48ea21b62d4ae0616489d8d000ec731a9f382b155f7e1d528

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Content-Length
154
449_12959_banners.js
server.cpmstar.com/cached/zonefiles/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/cached/zonefiles/449_12959_banners.js?v=728404
Requested by
Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b0c43b1baa2979dec6efa05ff75b2d08f7cca33c71c73d5e9638a088a9ea247b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
ETag
"808f6960ce80da1:0"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
2160
Date
Fri, 13 Dec 2024 21:47:55 GMT
Content-Type
application/javascript
Last-Modified
Thu, 28 Mar 2024 05:11:23 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
haxball.png
www.haxball.com/30xIZB1N/__cache_static__/g/images/ Frame 4991 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haxball.com/30xIZB1N/__cache_static__/g/images/haxball.png
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2480a0c3773f0711bfca8282814e21d3ee61cbc16308f6ef94aebcd5c91d5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/30xIZB1N/__cache_static__/g/game.html

Response headers

cf-cache-status
HIT
etag
"6442b006-3a69"
age
2153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BS39PNN%2B0vP631mBvX9MDWzY4um6BSeLGXPNUWph%2BtcAZS1kdwU81cirEsW3RE1DQyNZw5oev%2FKjZfSHrBXJsxWPfJ4hU7hh9ZFhC9XxVyZfYSq2XfNuvqa8z3TQk0oUfg%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 12 Jan 2025 21:12:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26156&min_rtt=21627&rtt_var=3464&sent=296&recv=90&lost=0&retrans=0&sent_bytes=318506&recv_bytes=12284&delivery_rate=3879507&cwnd=135600&unsent_bytes=0&cid=14e877625f54824f&ts=482&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
image/png
last-modified
Fri, 21 Apr 2023 15:47:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927d01edcc360-EWR
accept-ranges
bytes
content-length
14953
server
cloudflare
mobilemodules.js
ssl.cdne.cpmstar.com/cached/zonemasters/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Requested by
Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/zonefiles/449_12959_banners.js?v=728404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.162 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D121) /
Resource Hash
11325db60e71bf0f15d39b0f0bc935379975de5ee5c8a9ea66c568b0addc2ef4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
max-age=259200
content-encoding
gzip
etag
"323d7dc82745db1:0+gzip"
age
196123
access-control-allow-origin
*
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
content-length
69471
date
Fri, 13 Dec 2024 21:47:56 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 02:05:10 GMT
server
ECAcc (nyd/D121)
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58a425061a3f2d1a10b8c8e65efab017a132cbc3aa0f271a3b468e52be44c869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
br
etag
14198292907221711754
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:47:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53236
x-xss-protection
0
server
cafe
country.aspx
server.cpmstar.com/ 		168 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/country.aspx?cache=true&referer=www.haxball.com&callback=o1eca4v
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
66f3b5e1ba8d56ec379ce8b88e4f53dad34e9a480459ad862d419a731fb3a623

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
no-cache,no-store, no-cache, must-revalidate
Pragma
no-cache,no-cache
Expires
-1,Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
168
Date
Fri, 13 Dec 2024 21:47:56 GMT
Content-Type
application/javascript; charset=utf-8
Server
Microsoft-IIS/10.0
d-intel.json
ssl.cdne.cpmstar.com/cached/zonemasters/marks/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/marks/d-intel.json
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.162 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D156) /
Resource Hash
b2a466a2428d6edabd3ff287746d4568111c344b016364ce1e56214985f94f9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
max-age=259200
content-encoding
gzip
etag
"155e2d3ce80da1:0+gzip"
age
220431
access-control-allow-origin
*
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
content-length
2709
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
application/json
last-modified
Thu, 28 Mar 2024 05:14:36 GMT
server
ECAcc (nyd/D156)
vary
Accept-Encoding
lib.js
ssl.cdne.cpmstar.com/cached/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/js/lib.js
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.162 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D14A) /
Resource Hash
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
etag
"80f2376a92a5d91:0"
age
4742
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
content-length
2069
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
application/javascript
last-modified
Fri, 23 Jun 2023 05:20:25 GMT
server
ECAcc (nyd/D14A)
vary
Accept-Encoding
starprebid.js
ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/ 		457 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1291
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.24.162 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D131) /
Resource Hash
368e4e80ab2f7c14edc9eee4fcd8740d902eb0a4425ecd2317f667499a547dba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
max-age=259200
content-encoding
gzip
etag
"77863c2e391da1:0+gzip"
age
191321
access-control-allow-origin
*
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
content-length
148080
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
application/javascript
last-modified
Wed, 17 Apr 2024 20:09:40 GMT
server
ECAcc (nyd/D131)
vary
Accept-Encoding
exchange
saproxy.cpmstar.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://saproxy.cpmstar.com/v2/exchange
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.170.27 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haxball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://www.haxball.com
Allow
POST
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Dec 2024 21:47:57 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires
-1
Pragma
no-cache
Vary
Accept-Encoding
X-Powered-By
Express
x-request-id
26cf9e3d-f7a9-441c-b6a7-4ec4ac4d4775
/
shb.richaudience.com/hb/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1291
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.31.34.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
110-34-31-64.static.reverse.lstn.net
Software
nginx/1.14.1 /
Resource Hash
1288671ddf912be12afafb29082a3634a208799f923f828311b17d0d7c38e335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.haxball.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://www.haxball.com
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
exchange
saproxy.cpmstar.com/v2/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://saproxy.cpmstar.com/v2/exchange
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.170.27 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.haxball.com/

Response headers

x-request-id
cd28af8d-a7e7-494a-8183-faebab699c77
Cache-Control
private, no-cache, no-store, must-revalidate
Pragma
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
-1
Access-Control-Allow-Origin
https://www.haxball.com
Date
Fri, 13 Dec 2024 21:47:57 GMT
X-Powered-By
Express
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
prebid
ib.adnxs.com/ut/v3/ 		138 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1291
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.231 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1044.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
302f49d9857fb89701fc88dd94de0975bc9e84add732727bdff3963ace502cf0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.haxball.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
208.252.80.29; 208.252.80.29; 1044.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.haxball.com
an-x-request-uuid
60549d8a-cfc1-4f71-a039-2366cd9acb73
content-length
138
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 13 Dec 2024 21:47:57 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
view.aspx
server.cpmstar.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?poolid=26640&json=c_mp&mv=1&gampb=1&callback=ohty44&referer=https%3A%2F%2Fwww.haxball.com%2Fplay
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8dc33ff11fd500594d4c965836856f5ba8bc8dfcde523508f33f60d91f8d64a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date
Fri, 13 Dec 2024 21:47:57 GMT
Content-Type
application/javascript; charset=utf-8
Server
Microsoft-IIS/10.0
tag.aspx
server.cpmstar.com/ 		0
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/tag.aspx?a=0_0176D4A8&group=58
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
0
Date
Fri, 13 Dec 2024 21:47:57 GMT
Content-Type
text/html
Server
Microsoft-IIS/10.0
favicon.ico
www.haxball.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.haxball.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a995e924da4bd74eef6414c391d2e8f4b98e2f845a6b2e7f6350a8a4011e0236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/play?c=KwAMdEfR6us

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"59ea4724-57e"
age
635512
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SckPCniz3RR6ZgEHqIGCK6iS3xmGPcMI3ySc9Mu%2Ba%2BkO0DJwZqCOwSkOGM87y5%2BoR0RFJLtBZY9m64oGUNP%2BPN1iI15TgpChX2IG5i%2BnWlDHZbtVVYgrtVLIznfmZvmLLEM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 05 Jan 2025 13:16:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25498&min_rtt=21627&rtt_var=3068&sent=311&recv=93&lost=0&retrans=0&sent_bytes=334537&recv_bytes=12734&delivery_rate=359924&cwnd=135600&unsent_bytes=0&cid=14e877625f54824f&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 21:47:57 GMT
content-type
image/x-icon
last-modified
Fri, 20 Oct 2017 18:57:40 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f1927d2b948c360-EWR
server
cloudflare
view.aspx
server.cpmstar.com/ 		0
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?poolid=0&script=1&json=nc&callback=qwhl3q&rnd=412126&tfcd=0&
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
0
Date
Fri, 13 Dec 2024 21:47:57 GMT
Content-Type
text/html
Server
Microsoft-IIS/10.0
ssp-display.js
static.sunmedia.tv/sdks/ssp-display/0.1.0/ Frame 957C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/sdks/ssp-display/0.1.0/ssp-display.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.102.45.225 Denver, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-212-102-45-225.cdn77.com
Software
nginx /
Resource Hash
79ab73ad39e96c766099ab44348c51c6888d8e36c8799ff880976fea3c6923b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-control
max-age=31536000
TP-Cache
HIT
Content-Encoding
gzip
Age
135126
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3019
X-Device
desktop
Date
Fri, 13 Dec 2024 21:47:58 GMT
Content-Type
application/javascript
Last-Modified
Tue, 29 Oct 2024 10:31:04 GMT
Server
nginx
Vary
Accept-Encoding
ra-viewability.js
static.sunmedia.tv/vision/ra-viewability/0.1.18/ Frame 957C 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/vision/ra-viewability/0.1.18/ra-viewability.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.102.45.225 Denver, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-212-102-45-225.cdn77.com
Software
nginx /
Resource Hash
19d0865dd50125d5ffbdf8a23b466b75dd1b642a1b1cdf0a49c08fcd96094964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
max-age=2592000
TP-Cache
HIT
X-Backend
one02
Content-Encoding
gzip
ETag
"67446079-2944"
Age
135126
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3732
X-Device
desktop
Date
Fri, 13 Dec 2024 21:47:58 GMT
Content-Type
application/javascript
Last-Modified
Mon, 25 Nov 2024 11:33:13 GMT
Server
nginx
Vary
Accept-Encoding
nc.aspx
server.cpmstar.com/ 		0
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/nc.aspx?poolid=26640&campaignid=459435&sp=110.75597971710701
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1291
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.24.167.210 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
node155.mcprohosting.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Content-Length
0
Date
Fri, 13 Dec 2024 21:47:56 GMT
Content-Type
text/html
Server
Microsoft-IIS/10.0
p2
sb.scorecardresearch.com/ Frame 957C
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1
  • https://sb.scorecardresearch.com/p2?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Server
18.238.49.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-74.jfk52.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
hf8Ll-PQmUCaYv2Y3O6wF55tXxeSKtMbX8K-uWXlpjAqbssBwhY87A==
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P3

Redirect headers

location
/p2?c1=8&c2=21892462&c3=1001000630&c15=&cv=3.6.0&cj=1
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 6ca3dc9afd6f12cee41f6246e0c4aa8e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
-sbKsLvi_3mCHUWxkByBrWbLDgDodHTqLVcUFL7tX75jJOXNwx3xqg==
date
Fri, 13 Dec 2024 21:47:58 GMT
x-amz-cf-pop
JFK52-P3
/
t.richaudience.com/ Frame 957C 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.richaudience.com/?advd=epclusa.com&pe=SEx6Ui95UHlyaktmcjlBTUhtaExGYVhLaFh0Um1RRm9PeEw3VlBPeTRRMHZPY0ZIekw2QXEvL3p4SytZNnRHOVI2YisrcHlxOU9iY1U2UTRLcGhGUnVMa1Z1UmwrZnp0dlBjYitEdEpSZXRFcVVzc3pCMFQvR1Bzc09FblNkZlVQVzFCRklwejhCT0ZmUU5WMjhrNVRpYWkzbUVYMkNIVjJrb2c4Rzkvb2J3K0J6dUYzQUhIam1lZTlJQUlOMVduL0dmMzNTYjJmVE9VZU5IVzVDZ3gvMFBaTWI4RUxkaDRUVmNDOHhodkVUK0lvUEtMdUs3UkJsblRMZllKNDBUczhlR2x5VDFlRnU2RlltN2M1NkRwcWNNUXZ6OWVVdWhTZG9zN1JhQjJWMk44QWl5WWpaVzAxR3VEYnJXU1dGWTI2cnMxcER3Q0lKaDZFNVNEVktIdi9yVHcra3M4S2xMR09RRnl1QVlKWmVXVGtXQ0pmZzhDRFNXcllwUGNmK091Umo5OWNXZzA2QjNqNHFIanZpTmpCeldxeU90WllGSVRGVFY5TDhzZGEzR2lFeEt0Y3l3ZkVsT2prNDZHZVl5bHJmTkRJUFVieGlsK283SWI2QUhyS0VQM2p1eXJsQm9wMmZlbVhtWXhRRk92dmttUGF5SWpzSHZMS0Z5cjVhNWdmc0ExSFp0dTkzRml4NnRQMHY2bVdCdW5qQlFtbXRWcEJpTkdqUURUcW5DbXlxUExNb0c4eUkyY1ZUbFVkMXI0OUlQTHlYSGxEN0Z1c1BIUTdzRWxvRWJhWmlEc3A5OWVZeUVETVJQWkZaQ1VheUp2TkVpazUzUjJWZU5nWFdRZWY1bURyNkR5blRVd3NWeWdPbjh3ZUdITnByNDR6b3RDMnlYM1p1bHhJbE1Fd1U0TGZrNFZMRG5zdUZPVEpZVG0zUWp2TkwvYzNhODRZRERzYklYT0tUZFVnM3ZKSkI2TlpRVkM1RSsvdDJYdUt6aUlqSkZCSUJUYXBDMngzVk9WTXBQWTY4bjdGVFExVFdBc09ZeVBtTnZyNUg5NDdKU0NxSEc0MjVCWk9hd1djeHRSR0JHZzhXSXphL2tHajdNamhXeWRmcndsMDRqUWNwdWo0ZndEYUZaazMzbWp3OW9NeStkMll6OE9oWE1ocE9oMWZ3SDROYlpRZnZXcGFMVEhSclhVV0V2QVZRdmo5UXVIeUF2OU9OdkRMMHNYSHlqSE5ockh0dklOWTNTbGVMRm5RZUNudXJ6NzZCNHY5THlVL1c0V2w1bUJSdE1mZHBFdkNtVENUb0h2WHM4UXdhc3ovNERkdkJwSXJqUkJwVE14VTBXdjZFWE8wRklIVEdaU2UwRm5iNk9oZXdOVFNrT1BTNjdXRjlVb3drbi8rMUNsODJBeFBNN2JqWS9CdE5VZTRkcmU5bUZoV3hoQmxIaElNTCtQTnV4Q2g0NjBPMno0dVZuTHVLSG5UWllGUVp2dm9URjJHYVl4QkNWeFM5cHY0blZ2ZmNXUGJucTJxMzVON3hlSDlqSEpyN2QzWHNMLytwYm9VWW9hSkJZTVROMFdCNGhCaHNXWkVXaTdIMVhHZ3BDaFRWcThGODhBZHdNaEVud090bHJ0WHA3WExxSk5JNnUzVFN2RXo1dG5zaWxCN0pIc3V5OW1JQmRmUEt4Q0szTTdMYUl1MG9KcXhKdFBhQjdCVFYvbFhGdnRqY3duWVNDZFhHd04wOENaZGlQQXI1ZEFlSXVZL2w0bjA0dDNQNVFyUldGSFRGSHJ0NGhuK1FTQ09wSk91ZUlqM2lKcTY2T1pLdXQ5T1lUTGJJVk1qK3J5UlF0OGkwbVRtUDMxQlZLT0VWYVBzS2xaWUdrYnYzQ2FNWFVVS1ZtRGtHeUVZL2V3cC8xOWFxQythbjZkeWg0cGlRbWM3OWIrMzNwRUVrMXBlNHBISHJxNGtiMlRiejcxS3FSYlc1NVVabmEvbkhIa2NEMmV1MGR2R3BBL2xJTlVqcUFCSERmUzBCNTUxUCtReXZ6Qjg1VFdZV3FWRUJLOTJLY0tYQTFZYXhpQkl4Q0N5Wkw4bUhxWXpic29Gb3lDMXNqNm9WY25oZUxNd3paRWtOVWNQZ0RIRTVSTldtUXFlR2pGOVZXSUM5akZsUkpja0E9PSMjDFmZH4bDFgDOc2DIGWGq1A%3D%3D
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.160.46 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.46.160.202.116.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:47:58 GMT
server
nginx/1.14.1
js
mpd.mxptint.net/1/S1/G1/T4806/ Frame F430 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpd.mxptint.net/1/S1/G1/T4806/js?siz=160x600&cpd=315623&ssl=1&mid=B4E6EC_1207EF8E0_4825239&bp=0.596913&dm=CE16F919505D2D5CCEF73833754385B5&ri=0&adid=1&uuid=BC0H_98U5wnEZomve49cv-8&gve=B2D1E0914D684F09EB68F9C6E145DD81&ghc=65CB7D1A0023&pub=539625136&dt=2&spox=AAABk8H-IR5109n4ouICU29EuT1iAqXXQh3J5g
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/ssp-display/0.1.0/ssp-display.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.99.107.11 Santa Clara, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
79cedfdd4ca7463728eff7f43bd3265ed9f865843cd3ce3cfe2599a95ff0b558
Security Headers
Name Value
Strict-Transport-Security max-age=-417131278; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Strict-Transport-Security
max-age=-417131278; includeSubDomains
Cache-Control
no-cache
Pragma
no-cache
Expires
-1
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
1974
Date
Fri, 13 Dec 2024 21:47:57 GMT
Content-Type
text/javascript; charset=utf-8
Vary
Origin
prebid
ox-rtb-us-west1.openx.net/win/ Frame F430 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-us-west1.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAvgcGApTRWNoQzVEUW9uHBaV0o24kbGQmY8BFsmZiM-W2qfWqgEAHBbN1IXo8qHV66kBFuXszZjF_u6QrAEAFpqu5fUMFQZMFQQYFERJU0FCTEVfU0VMRl9DT01QRVRFGAdjb250cm9sADkMACwcFQIAHBUCABwVAgAcFQIAABwm5oj0ggQVBDbkiPSCBBbgmtCCBCUCFQKmnAMWnAMWnAMWSBZIFkgWSBaoCRacAxacAwAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABam-p2ABBaopLKABBb-g7mXBBaC1NKABBUYHBSwCRTAAgAVBCaoCRaoCRa4BhE1Dia4BjQCACwsFs_6tYXZ7YzLbRbjqNTnus_81tMBABaaruX1DAYopvqdgAQWqKSygAQWgtTSgAQW_oO5lwQYDjMxNTYyM18xNjB4NjAwFqjNAha4BiUEFpgDJQKhKAJPWAx6FAEUAQAoA3J0YgAcNQYYDU9YLWJlZi00WXgycnEWFFwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAW9oH0hgQW9IH0hgQAzBsBiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArBiZAmh0dHBzOi8vbXBkLm14cHRpbnQubmV0LzEvUzEvRzEvVDQ4MDYvd2Q_c2l6PTE2MHg2MDAmY3BkPTMxNTYyMyZzc2w9MSZtaWQ9QjRFNkVDXzEyMDdFRjhFMF80ODI1MjM5JmJwPTAuNTk2OTEzJmRtPUNFMTZGOTE5NTA1RDJENUNDRUY3MzgzMzc1NDM4NUI1JnJpPTAmYWRpZD0xJnV1aWQ9QkMwSF85OFU1d25FWm9tdmU0OWN2LTgmZ3ZlPUIyRDFFMDkxNEQ2ODRGMDlFQjY4RjlDNkUxNDVERDgxJmdoYz02NUNCN0QxQTAwMjMmcHViPTUzOTYyNTEzNiZkdD0yJm9wcj0ke0FVQ1RJT05fUFJJQ0V9KAtlcGNsdXNhLmNvbQAAAA&ph=2eba3060-f578-4886-93a0-d9a2346966ea
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/sdks/ssp-display/0.1.0/ssp-display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
202.70.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
private, max-age=0, no-cache, must-revalidate
pragma
no-cache
x-forwarded-for
208.252.80.29
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
vary
Origin
/
t2.richaudience.com/ Frame 957C 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.richaudience.com/?e=1&p=pj4NaUtjYE&s=15464&type=3&subtype=6&wscs=1600&hscs=1200&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&tscs=&inw=&inh=&wou=&hou=&sgn=f5Ls3jqijeL7gihFGr6K2mTs8D2i%2Fzpt2RNw91pdS5MHyUdvSXwqv5odN76faTPmcaouSYHBV2pHz%2BnYvtoBwsH23Z5n6iEHcqVC2dAAG671LHuUDs9oHm%2BtnO5xyVfH0SLfnPX7FUnL15FbOG6FD23CJGPVTxlseU2k%2B8EsT3eV5wPlkvYkey%2BVpwNAa%2B62OsYktIde%2BMvMPmqzsnVkLhk5RVtM1meF63tWRGFsDpWoFVS05R2WPw0Jzg%3D%3D&v=9388db3c-1caa-4648-9758-6664225cb12e&dt=3&did=OX-bef-4Yx2rq&intgr=1
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.108.231.149 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.149.231.108.65.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:47:58 GMT
server
nginx/1.14.1
/
t.richaudience.com/ Frame 957C 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.richaudience.com/?advd=epclusa.com&pe=Vmo3MDhHcWZTQVFKZDZJSmlyZ3pOS1RneXEyMzhzTEFhWWFpK0pMZjExUURrVkNFWmJBRzJ2VldhejFEYjU4WG1uMlhuOEVUYytQRnRsUXRhS0VHbVJZblVQY01ZL2hkcW9iVlJVM2Rwc3pXYnVBVHRidGpYYnJ3bVoxL2U0MC90MlhwS1poSkF3MzN4QmdYM3lYdHBjNXpYZjUzMFdmNFRlUjdUTlM1QktLTXllNzhkZUxzK2lkelgybHB5bm90OFA4dWVZSDY5Y0xrcEY4Uk0rR1lxcXRKd200K1VzUVJTWEdRT3ViR3dIWnM1aWY0Q3dLRFNJSCtoNTNkWUFKRUhzNlNtWS9rZWRDTis0YkZGelpzeTVEeEQ1YVl0OHRKYW44VlhraG9tZjNyQk1wRmNHTkhjZklXWFY2Uk9Sb28xQkNsQWVhbTZ1ZXB0REpWTllpdjU3bTFpTzRVZ3BlMVYxSlRDVzVpMHZDWXJ3aDVYd1h5Mjk3TVFtR3NGd21UYXkxMDdWdFppUFRIKzFJSFZhaTlRY1grYWNxQ2xxZkZ3azVaalF5b3ZvKzFCVXVsa0pwU2NybGh0ZjJ6VkJGYS9NVHBDR3ZlZTByMEpuVG44RTBzWVluRjJpMDBpYXV5WEZhQlhiWGlnNTFpZGNjdkwwSVlmWnM4aVlVelV4L0RaWU1vYWt3SzRYdlVnSzJ0Q1FwTHIzZWhZQWErY0hDVjlSaHNKb3l2RWVQeDdqTVQyVVlkbnhXekhMdG5pRG5mN2FaWE03Y0hHODZYVXhXZ0h0VVVnb3J3cVdlVnM5UDcrUDN0d0tCZEFSdnNERG1sVjhTSmkxUGNXTm0wV2RneHZnV053S280ekZOQnpoV2ZRalNlYVFjbXBIdEM2RVhnL1NXSzNmaDFFc2Vzb0IwakpQRmlDWHRlYTZjZ0VPNEpRUUQ1YUFhM2dBaFAyQU9CT0pCdDh4TVRBc1d0QmE0aFlDL25POURveVVIVEhzUjI0VW1MdEF0MVpQcmtMdzEwazFyb1pyVko5NDB1d3lWaGFKVHlFTEdDamdxZjMyeFMyRDZPKzFBenAwbzJZYWJ3Q1VObkpyelJuZExVdmRhTXRCSmV4NU8zYmI4aHQ0d3JGWTQwMkp0VDV1cGQwNHBGNVJwVFBKYy94cFdIOS9oMWo3MUY4Q0hKbndwMjUrVG9wRitVVnIwSHhTb3NmOGdneEdTanNIZlJZSG05Q2JJRjM2bDZCYnk0blBNUGtOa3BDTVhBdzRIZFVMZlNUWEpRUkpIZjJ4NG45MGNRbWxQR2o2Sm1wb0VINWFXVDdUYjBmVEp3eWMrN21vOGJTVndOSmxLQlNwY3ZXTjQzUkNSRFFnaG1jRVNWWjcrNXpYRFZQdnorRERTamlqa1B1bFBZdE56dm9iWW5SOFdGbkdWbWplNnBEM1RTV1ZQWXJHbUducUxIaWVERjNWdjF4RURrWmR0cXBMNDRFdjBCdzhNREFsWjB2elhMNk5FemE1RGRpeElxZSt2bmNBUGpSZVV0NVQ2S2N2d3pWL2c1aU1jTnY4UjkwOWF3bENuOE0zcnY4Slg1M05uOWxLeUhUNGxtRXV6M1RHbEFPR3pyeXRYWU9LN2JPN2J4d0FkMHpyOEdWeUx5UzU2SWJhREFrS202dTJVZ1JBUk4wMStISnhwUnpFMmVCMi9zLzBobnFCV1NOemVTQnppQ3ZwNlNQQ0VoZ09ORlduekNkZjdlbE1haFRYaGhyUmVEcmkrakR3VGFXbVFNMGF5Z0FCbVpNSUM1ejl4aVRVZWxwc1NwZzNtWlhxdFBzeHM4WVpuS2Y3QWZCVFJKSVdGL2xCeFpmcDVaT3pjdE1tLythN0pKUGlZQTNRZm1RR05sck9UZy9hUkQrcXFkS2pGdXdtS1Zqemx6TGlEUEZWdWN0Y05EV3FQTUN3aW1QOWJvbHdoeDcxWG14dXpkbjdUakw1UktwTjZuaS9pclpsU0JCdldubHAzUkdPeVZ3R2tjNEZhcUxnYW11VzFEcUt2TmpEeE51U25VQ3NHNHRiOEtVZjJSalNuU2xTQ0FTN0xzTnpxS1RBeXphbjZxNDFYWEtZRVdsQ0Jodmp5T3JUNUFEQlpxQUtLTGRlQWZKVGJQWjBqbkM1TFJlaTBNWWc9PSMjV6xAsMnreiK4526xePZF4A%3D%3D
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.160.46 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.46.160.202.116.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:47:58 GMT
server
nginx/1.14.1
/
t.richaudience.com/ Frame 957C 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.richaudience.com/?advd=epclusa.com&pe=dGljVDBPdXY3MEZFN3FNOU5ES2ptZlBidmsvRE0vWGRzTE1pWmlhWXVGclEzczJUNzE5QmlxWlNJaEdsRGcwSUlvVnFSejk5Qk55bHVKZFBpVWU3c2p0a2llcGkzR3I0dW1yV2ZxQm9IMDYvTXBaNG1LRVB3bU9La295eWFtU1BGZHdOZ3JIdXFsTThmbFhZQlBzYlhSdllIelFZZWRXRU9lWGhOUXdTMUJJVVJjNktxS0hCdlFTczBmRmI2b2E1ZUpMYm5BRnFLMlBuZWM5YWhrY0dnWFVJcjV6L3RSR0JUazdQRnZWNjVhSHhIdlBNRVkvWkNlZXhWYXZTZGxvV3BrMEhSTnVBOTZ2ZnFURW0vVGU0UGZTTUhNVlAya2UrNVZXYk51RlcyZ045dWdHaENVaTNyU3NsTlhXczRkUzNoMFlCcS9IUjZaamlTR1lLYnl3Z2owNU83RmIyWlQ0R0lWeGk0TlM1cDJ3cHA4WTRIQ2tXQUZtdHN5ams3S0NwbGM2WDRvbERRU29mUlhRS0lVMy9GTTdsK3ZPZlBnd3lySEtYT0R1bS9vU1BkN2tCMkVyMFRFTXRRYWRTSmF0ckpLNm1WbGFuL0kxNUV6YXRLdDVMZXpLTzFuckVRVndZNEh2SUt5ekhmT29BN1BubVIycnppUnRLWWZ3SWtrNDlCTGFEbTI0MnBoWWxJN3hVdk81dStNWVZpVkh0bSt0bkxQMERDd1hzaTE0ZlRHcWxxOElZYTJwdnJjM1ZVdG1neU53VXdha1hEMTJtVGVOWW0vVGg5ZDdrWUhHenMzaEtxMW45T2lMVVA3M1Z1aFFBY2VTYVZqZzZDUmcwejFPbXowWEZLYnB4Wm9HdGdtZGhQVis2UGRwSnJzVkZUZUJTb1Z2QWpPdk9GZnRUMVZFQy9rOGhxbVVFZlNNOUJCWHN4RU5mZUVIQWk0QUFiZEk3dU1aTkpJeUxzamkyUTNpbFZUWnZYb2dEYUpUMkVvaG5TaktlZ0JuZ2hqYWppZFZ3Uzc3aXVzSFpTUjRIYnRGK0N0cEt1eGZrUVdaemE5aDNVaVlFL3J1dzE3K1FZVE5GeVdiMTBuOEhxVzk2bmR2MWtHUnZIdWx2S3dxRENoZG1obkhRb1poMUFCYkdPc3hleUhLOGU5THpJdWFKQUJVT3YzcHgzTWk3UmR3d3RMeXJETWx0dXNhTkFZWnZUbXBRZ05lOTlKcGxQVW1DMUtuNnN3VnJpTnRnekQ3SUdKeDlEbzVrZGtrNHJQa3ppSzFtbGxoOTloMmFkNitDcXg3L0gvbW1yTGJjQndaZnJrZjhpUUhKT0pvQmNKWlo0dTV5N25penRaSytOYmw5RFBra2ZGcURqdTJOYkdabzFYYjIrTGZodUpWNGQrSmtqTFV3NkFxZ1BicXdvNmdpOWZmSUhJQThITmUvb2hMaVgraEZuR0dJdmg0dXZOVmhPNGZ5WlFmZG81aG9JekpWbUJTQm55SmgwZjlBQVdGYWtuYjFsNGJWSnhiVFlZRGtDMktRUGE3UXZHK3hxV3hnTHRpalR3Y0JyTEhOVjMrY0lscno5MWZ2S3hVRk05T0xCdW9JUlRHa05EODIrZmFJNG03TFVJazd5NHFrMHFmVTZ6VnFSWGNCM1VQYnVzVVNFbCt0OTZwWG1BT0pwSUE1aGc0eTRZN0IwSzU2RUxaM21kMTVGV2hUQ1o1NUtCd2lPRUJjMGZVWTFHZHFkd0JHWllWSjBXTXdwWExYODNJaDhRakI5cm5jUnpRUWt5NWNjV1ZLVzh0Ukx2bHNLOW1saCtPU1dLa09Yd0c4SVN0Y3hGdjMreUQrRmJkeDh4Q2o1M1l5bjcyeDVyNzVPYmpDVnJPQytQbmljQjlicUJlTnlOUmpYMS85RjhvVCtRZUpFa1NvMVNkVmNNOEVxbVdScWVNQmZpb3IvNFZZdHkxdFRnUEprbzBWY2M4WVltV1BpVlc3MVFXUE16cmFyVkwrbndGdWFLeDB6VjM1MXpQRGkzQm9xSTN3TnN1VE55dDJtbXlWUVltZmZEM09JR0Vld29LbUwyUUlFUlozUCtCcUR2UTVCQzlPTFE1ZVVmREU3djZSTnkyUXJqMUVyRnYxZ2l3V3g3YWhIM3oyR0xoSVN5NXpGVW5rVVE9PSMjOYGujKwO9Kr1XKwm7MuNzg%3D%3D
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.160.46 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.46.160.202.116.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:47:58 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:47:58 GMT
server
nginx/1.14.1
dcmads.js
www.googletagservices.com/dcm/ Frame F430 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: mpd.mxptint.net
URL: https://mpd.mxptint.net/1/S1/G1/T4806/js?siz=160x600&cpd=315623&ssl=1&mid=B4E6EC_1207EF8E0_4825239&bp=0.596913&dm=CE16F919505D2D5CCEF73833754385B5&ri=0&adid=1&uuid=BC0H_98U5wnEZomve49cv-8&gve=B2D1E0914D684F09EB68F9C6E145DD81&ghc=65CB7D1A0023&pub=539625136&dt=2&spox=AAABk8H-IR5109n4ouICU29EuT1iAqXXQh3J5g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1a6f26221e90102580decc85453993721815ee35ef417600af01cc219a0d871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
age
304
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 22:42:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 21:42:54 GMT
last-modified
Thu, 05 Dec 2024 18:26:02 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
7835
x-xss-protection
0
server
sffe
dvtp_src.js
cdn.doubleverify.com/ Frame F430 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3891363&cmp=DV100620&sid=valassis&plc=dv_mxpt_js_disp&adsrv=0&advid=3891363&btreg=D4E331_1207EF8EA_518E75&btadsrv=D4E331_1207EF8EA_518E75&autt=1&dvtagver=6.1.src&ppid=224&auevent=D4E331_1207EF8EA_518E75&aufilter2=IQMFV&c1=41423&c2=315623&c3=160x600
Requested by
Host: mpd.mxptint.net
URL: https://mpd.mxptint.net/1/S1/G1/T4806/js?siz=160x600&cpd=315623&ssl=1&mid=B4E6EC_1207EF8E0_4825239&bp=0.596913&dm=CE16F919505D2D5CCEF73833754385B5&ri=0&adid=1&uuid=BC0H_98U5wnEZomve49cv-8&gve=B2D1E0914D684F09EB68F9C6E145DD81&ghc=65CB7D1A0023&pub=539625136&dt=2&spox=AAABk8H-IR5109n4ouICU29EuT1iAqXXQh3J5g
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
22eb3e724fcf7b19a3c300ade3341128065d821614dead10cc5464c3d282a952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
br
ETag
"b36eea18dc27581a216cf1401fae1084"
Connection
keep-alive
Expires
Fri, 13 Dec 2024 22:02:58 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3232
Date
Fri, 13 Dec 2024 21:47:58 GMT
Last-Modified
Mon, 09 Dec 2024 15:05:48 GMT
Content-Type
text/javascript
mpiv.js
mpd.mxptint.net/js/ Frame F430 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mpd.mxptint.net/js/mpiv.js
Requested by
Host: mpd.mxptint.net
URL: https://mpd.mxptint.net/1/S1/G1/T4806/js?siz=160x600&cpd=315623&ssl=1&mid=B4E6EC_1207EF8E0_4825239&bp=0.596913&dm=CE16F919505D2D5CCEF73833754385B5&ri=0&adid=1&uuid=BC0H_98U5wnEZomve49cv-8&gve=B2D1E0914D684F09EB68F9C6E145DD81&ghc=65CB7D1A0023&pub=539625136&dt=2&spox=AAABk8H-IR5109n4ouICU29EuT1iAqXXQh3J5g
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.99.107.11 Santa Clara, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
1f43b59d58023fde8b5196755ae0c80b53bbccc1a361f4d2cef00f86f3ef9a9a
Security Headers
Name Value
Strict-Transport-Security max-age=-417131278; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Strict-Transport-Security
max-age=-417131278; includeSubDomains
Cache-Control
public
ETag
"1DB2B2A25C74A00"
Expires
Sat, 14 Dec 2024 21:47:54 GMT
Accept-Ranges
bytes
Content-Length
5483
Date
Fri, 13 Dec 2024 21:47:57 GMT
Content-Type
application/javascript
Last-Modified
Thu, 31 Oct 2024 00:16:36 GMT
impl_v103.js
www.googletagservices.com/dcm/ Frame F430 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v103.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47bfd53d3d2837ba190280e71a213c8d13be2d8ac6ee1b5b3d933dd3b7c86dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
age
31970
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 12:55:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 12:55:08 GMT
last-modified
Tue, 03 Dec 2024 14:12:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
accept-ranges
bytes
content-length
25070
x-xss-protection
0
server
sffe
B31049024.382526821;dc_ver=103.302;sz=160x600;u_sd=1;nel=1;dc_adk=2551933457;ord=b1rglh;click=http%3A%2F%2Fmpc.mxptint.net%2F9S1S97663581SA1CFS4D0E7SA0S258S12C6SB4E6EC_1207EF8E0_4825239SD4E331_1207...
ad.doubleclick.net/ddm/adj/N1277702.711084VALASSISCOMMUNICA/ Frame F430 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1277702.711084VALASSISCOMMUNICA/B31049024.382526821;dc_ver=103.302;sz=160x600;u_sd=1;nel=1;dc_adk=2551933457;ord=b1rglh;click=http%3A%2F%2Fmpc.mxptint.net%2F9S1S97663581SA1CFS4D0E7SA0S258S12C6SB4E6EC_1207EF8E0_4825239SD4E331_1207EF8EA_518E75%253fhttps%3A%2F%2Fr.mxptint.net%253f;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.haxball.com%2Fplay%3Fc%3DKwAMdEfR6us$0;xdt=0;crlt=OBXUC2')1K;stc=1;chaa=1;sttr=50;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v103.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
9fa537e5088dd041f9949359a8c834293d2e54af0861030ce0ac2b4ca90509d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
33868
date
Fri, 13 Dec 2024 21:47:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
express_html_inpage_rendering_lib_200_281.js
s0.2mdn.net/879366/ Frame F430 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d116b21c9ac496c162f9074c75ce227719d025422a1794a57f497718f87cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.haxball.com
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
age
41984
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 10:08:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 10:08:15 GMT
last-modified
Tue, 29 Oct 2024 21:00:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
41319
x-xss-protection
0
server
sffe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame F430 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1277702.711084VALASSISCOMMUNICA/B31049024.382526821;dc_ver=103.302;sz=160x600;u_sd=1;nel=1;dc_adk=2551933457;ord=b1rglh;click=http%3A%2F%2Fmpc.mxptint.net%2F9S1S97663581SA1CFS4D0E7SA0S258S12C6SB4E6EC_1207EF8E0_4825239SD4E331_1207EF8EA_518E75%253fhttps%3A%2F%2Fr.mxptint.net%253f;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fwww.haxball.com%2Fplay%3Fc%3DKwAMdEfR6us$0;xdt=0;crlt=OBXUC2')1K;stc=1;chaa=1;sttr=50;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
33124
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 12:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 12:35:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F430 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
br
age
826
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 22:24:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 21:34:13 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
dv-measurements7000.js
cdn.doubleverify.com/ Frame 1F13 		419 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements7000.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6e96a55af0ca34c8bf0362034344f8706514f5bcd7e425cb82064070e9a2abea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Content-Encoding
br
ETag
"522a7e4d1c856a447ae18ab134f00bb6"
Connection
keep-alive
Expires
Sat, 13 Dec 2025 21:47:59 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
84430
Date
Fri, 13 Dec 2024 21:47:59 GMT
Last-Modified
Mon, 09 Dec 2024 14:30:40 GMT
Content-Type
text/javascript
misc=v:3.0.0,rand:30303,ao:eydodHRwczovL3d3dy5oYXhiYWxsLmNvbScsJ2h0dHBzOi8vd3d3LmhheGJhbGwuY29tJ30
mpc.mxptint.net/1S29S97663581SA1CFS4D0E7SA0S258S12C6SB4E6EC_1207EF8E0_4825239SD4E331_1207EF8EA_518E75S0%3fhttps://noredir.mxptint.net/ Frame F430 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mpc.mxptint.net/1S29S97663581SA1CFS4D0E7SA0S258S12C6SB4E6EC_1207EF8E0_4825239SD4E331_1207EF8EA_518E75S0%3fhttps://noredir.mxptint.net/misc=v:3.0.0,rand:30303,ao:eydodHRwczovL3d3dy5oYXhiYWxsLmNvbScsJ2h0dHBzOi8vd3d3LmhheGJhbGwuY29tJ30
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.98.69.171 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=-417131279; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Strict-Transport-Security
max-age=-417131279; includeSubDomains
Expires
-1
Cache-Control
no-cache
Pragma
no-cache
Date
Fri, 13 Dec 2024 21:47:58 GMT
pd
us-u.openx.net/w/1.0/ Frame 18FE
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
  • https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.haxball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
550
content-type
text/html
date
Fri, 13 Dec 2024 21:47:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 13 Dec 2024 21:47:58 GMT
location
https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=2eba3060-f578-4886-93a0-d9a2346966ea
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
visit.js
tps.doubleverify.com/ Frame 1F13 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=65&ttfrms=29&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETauA%3D2JTbu4TbszHp%7C5t7%23eFDU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETar9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETar9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=378&ddur=134&uid=1734126479066396&jsCallback=dvCallback_1734126479066391&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=1&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=7000&tgjsver=7000&lvvn=28&m1=96&refD=2&referrer=https%3A%2F%2Fwww.haxball.com%2Fplay%3Fc%3DKwAMdEfR6us&fwc=0&flt=14&fec=32&fcifrms=2&brh=1&dvp_epl=226&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3891363&cmp=DV100620&sid=valassis&plc=dv_mxpt_js_disp&btreg=D4E331_1207EF8EA_518E75&btadsrv=D4E331_1207EF8EA_518E75&adsrv=0&advid=3891363&c1=41423&c2=315623&c3=160x600&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=224&auevent=D4E331_1207EF8EA_518E75&aufilter2=IQMFV&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=522949123400.8706&ee_dp_sukv=522949123400.8706&dvp_tukv=737426678010.7489&ee_dp_tukv=737426678010.7489&dvp_tuid=1587508415569&jurtd=3498477636
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements7000.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
c46166ca3629fce9a1079878e0c82246895ea7d75adce2358031cb82adff2c1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
12/12/2024 21:47:59
Date
Fri, 13 Dec 2024 21:47:59 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5BF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haxball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 21:37:12 GMT
expires
Fri, 13 Dec 2024 22:27:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F430 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=BXG0TjqtcZ4b4N-THnboPuO76oAsAAAAAOAHgBAI
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame F430 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=18845511&cmp=31049024&sid=6188800&plc=382526821&num=&adid=&advid=10087275&adsrv=1&btreg=575145876&btadsrv=doubleclick&crt=225020658&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
22eb3e724fcf7b19a3c300ade3341128065d821614dead10cc5464c3d282a952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
br
ETag
"b36eea18dc27581a216cf1401fae1084"
Connection
keep-alive
Expires
Fri, 13 Dec 2024 22:02:59 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3232
Date
Fri, 13 Dec 2024 21:47:59 GMT
Last-Modified
Mon, 09 Dec 2024 15:05:48 GMT
Content-Type
text/javascript
durly.js
c.evidon.com/ Frame F430 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=930;nid=154890;ad_wxh=160x600;
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fbcacda475ed69433f5f60034f72c38bf7dfa6d4c89f7ee7a2c2f88945f813b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
content-encoding
gzip
etag
"b89cae0eeff70e139af64eed93353c19:1700587828.86706"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
1605
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
application/x-javascript
last-modified
Tue, 21 Nov 2023 17:30:28 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F430 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
3317
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:52:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 20:52:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/1693508555456514535/ Frame 94F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1693508555456514535/index.html?ev=01_253
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haxball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
32622
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
25303
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Dec 2024 12:44:17 GMT
expires
Sat, 13 Dec 2025 12:44:17 GMT
last-modified
Thu, 24 Oct 2024 18:00:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F430 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssXsJDI30qz8q1SneDblHkXlexygaIhet8oV_iyX0IU--0KBIDlNKP2HAd4Gfy1jg3GJ8uohi3HnWXEHE4UAX9rzb2qxsNXMzCwJn_MgH8aT1Wb5VpCFnu9K7PrdXPPKpRDYE2b-Z7HWrSAbzN2ZpgD6Twd173pksKKzP2lk0zurAoPDT4O325-I5Fl&sai=AMfl-YQ76s5TO-KilyZtE21JMhu1bb7O35_IMUZGuyv_q8RqnHK36jSnph2xP_OIX4rZmt2eqQGt9yfB7fnR&sig=Cg0ArKJSzJDtSHdcor8qEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9lcGNsdXNhLmNvbSxodHRwczovL2ZkYS5nb3Y&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=149&cisv=r20241212.14635&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:47:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"905521408":"0x66a18cc055ef54240000000000000000","905521409":"0xdfac021ad5a3f4660000000000000000","905521410":"0xee55a5d2bee658080000000000000000","905521411":"0x68b6c2bf5ea519c0000000000000000"},"debug_key":"5471018800572738178","debug_reporting":true,"destination":["https://epclusa.com","https://hepchope.com","https://debugconversiondomain1.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"1296000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["10087866"]},"max_event_level_reports":2,"priority":"0","source_event_id":"7738855645260541636"}
server
cafe
idr.gif
p.alcmpn.com/idr/ven/1042/ Frame F430
Redirect Chain
  • https://sync.graph.bluecava.com/ds.png?p=5d240b6c-d95e-11ed-8f0e-4201ac10000e&CID=CX320635&Site=N1277702.711084VALASSISCOMMUNICA&PID=382526821&CreativeID=225020658&Tagtype=Event&DeviceID=1&Key7=1&K...
  • https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=541ff24c-1c3e-41fb-b505-22a59b0e8724&chained=true
0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=541ff24c-1c3e-41fb-b505-22a59b0e8724&chained=true
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Server
34.128.139.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.139.128.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-powered-by
Express

Redirect headers

cache-control
no-cache, no-store
location
//p.alcmpn.com/idr/ven/1042/idr.gif?fpid=541ff24c-1c3e-41fb-b505-22a59b0e8724&chained=true
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP LAW PSAo PSDo IVAo IVDo OTPo OUR SAMo BUS UNI PRE"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
image/png
/
t2.richaudience.com/ Frame 957C 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.richaudience.com/?e=2&p=pj4NaUtjYE&s=15464&type=3&subtype=6&wscs=1600&hscs=1200&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&tscs=&inw=&inh=&wou=&hou=&sgn=f5Ls3jqijeL7gihFGr6K2mTs8D2i%2Fzpt2RNw91pdS5MHyUdvSXwqv5odN76faTPmcaouSYHBV2pHz%2BnYvtoBwsH23Z5n6iEHcqVC2dAAG671LHuUDs9oHm%2BtnO5xyVfH0SLfnPX7FUnL15FbOG6FD23CJGPVTxlseU2k%2B8EsT3eV5wPlkvYkey%2BVpwNAa%2B62OsYktIde%2BMvMPmqzsnVkLhk5RVtM1meF63tWRGFsDpWoFVS05R2WPw0Jzg%3D%3D&v=9388db3c-1caa-4648-9758-6664225cb12e&dt=3&did=OX-bef-4Yx2rq&intgr=1
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.108.231.149 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.149.231.108.65.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:47:59 GMT
server
nginx/1.14.1
dv-measurements7000.js
cdn.doubleverify.com/ Frame D1F2 		419 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements7000.js
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6e96a55af0ca34c8bf0362034344f8706514f5bcd7e425cb82064070e9a2abea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Content-Encoding
br
ETag
"522a7e4d1c856a447ae18ab134f00bb6"
Connection
keep-alive
Expires
Sat, 13 Dec 2025 21:47:59 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
84430
Date
Fri, 13 Dec 2024 21:47:59 GMT
Last-Modified
Mon, 09 Dec 2024 14:30:40 GMT
Content-Type
text/javascript
visit.js
tps.doubleverify.com/ Frame D1F2 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=18&ttfrms=16&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETauA%3D2JTbu4TbszHp%7C5t7%23eFDU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETar9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3ETar9EEADTbpTauTauHHH%5D92I32%3D%3D%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=886&ddur=35&uid=1734126479188614&jsCallback=dvCallback_1734126479188183&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=1&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=7000&tgjsver=7000&lvvn=28&m1=96&refD=2&referrer=https%3A%2F%2Fwww.haxball.com%2Fplay%3Fc%3DKwAMdEfR6us&fwc=0&flt=14&fec=32&fcifrms=2&brh=1&dvp_epl=226&noc=16&nav_pltfrm=Linux%20x86_64&ctx=18845511&cmp=31049024&sid=6188800&plc=382526821&crt=225020658&btreg=575145876&btadsrv=doubleclick&adsrv=1&advid=10087275&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=522949123400.8706&ee_dp_sukv=522949123400.8706&dvp_tukv=5621256763.431585&ee_dp_tukv=5621256763.431585&dvp_tuid=1535967718746&jurtd=1848011446
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements7000.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
8be964204db4dddb349115b1053668c6c68d467e44b613fa8e575b92ee298db0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
12/12/2024 21:47:59
Date
Fri, 13 Dec 2024 21:47:59 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame F430 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame F430 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
cdn.doubleverify.com/redirect/ Frame 1F13 		0
0
ba.js
c.evidon.com/geo/ Frame F430 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r231121
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=930;nid=154890;ad_wxh=160x600;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e66ea3d92f57880a1eb8220863a3ddc8e25fb4940e24b9d1b1b5064b41b6cc72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
cache-control
max-age=86400
content-encoding
gzip
etag
"2a89f2588a8c2fb5a1419f6ca61adca6:1700587773.052412"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
12681
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
application/x-javascript
last-modified
Tue, 21 Nov 2023 17:29:33 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
4.gif
c.evidon.com/a/ Frame F430 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
cache-control
max-age=432000
content-encoding
gzip
etag
"65786c291a4603aa5150a1884452838d:1271351254"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
53
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
image/gif
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
/
cdn.doubleverify.com/redirect/ Frame D1F2 		0
0
154890.js
c.evidon.com/a/n/930/ Frame F430 		2 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/930/154890.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c45d455c3137a92c0653f125ef46fe79df333411bd766cdb491a3f3b39a48fef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
cache-control
max-age=600
content-encoding
gzip
etag
"baf63e2b746f0f1101df1f4f3827dfc6:1607562667.253862"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
644
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Dec 2020 01:11:07 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
view
ad.doubleclick.net/pcs/ Frame F430 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssXsJDI30qz8q1SneDblHkXlexygaIhet8oV_iyX0IU--0KBIDlNKP2HAd4Gfy1jg3GJ8uohi3HnWXEHE4UAX9rzb2qxsNXMzCwJn_MgH8aT1Wb5VpCFnu9K7PrdXPPKpRDYE2b-Z7HWrSAbzN2ZpgD6Twd173pksKKzP2lk0zurAoPDT4O325-I5Fl&sai=AMfl-YQ76s5TO-KilyZtE21JMhu1bb7O35_IMUZGuyv_q8RqnHK36jSnph2xP_OIX4rZmt2eqQGt9yfB7fnR&sig=Cg0ArKJSzJDtSHdcor8qEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9lcGNsdXNhLmNvbSxodHRwczovL2ZkYS5nb3Y&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=594&vt=11&dtpt=442&dett=3&cstd=149&cisv=r20241212.14635&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:47:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 13 Dec 2024 21:47:59 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"905521408":"0x66a18cc055ef54240000000000000000","905521409":"0xdfac021ad5a3f4660000000000000000","905521410":"0xee55a5d2bee658080000000000000000","905521411":"0x68b6c2bf5ea519c0000000000000000"},"debug_key":"1162573042249439960","debug_reporting":true,"destination":["https://epclusa.com","https://hepchope.com","https://debugconversiondomain1.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"1296000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["10087866"]},"max_event_level_reports":2,"priority":"0","source_event_id":"14939475500317204644"}
server
cafe
COMMON.css
c.evidon.com/a/ Frame F430 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.16846982069930827
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
content-encoding
gzip
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
715
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
text/css
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
box_19_top-right.png
c.evidon.com/icon/ Frame F430 		109 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
cache-control
max-age=432000
content-encoding
gzip
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
118
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
image/png
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
ci.png
c.evidon.com/icon/ Frame F430 		581 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.205 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-196-3-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-headers
*
access-control-max-age
108000
cache-control
max-age=432000
content-encoding
gzip
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-origin
content-length
604
date
Fri, 13 Dec 2024 21:47:59 GMT
content-type
image/png
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
vary
Accept-Encoding, Origin
pixel.gif
l.evidon.com/ct/0_0_0_154890/us/0/1/0/0/0/0/160/600/242/930/0/ Frame F430 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.evidon.com/ct/0_0_0_154890/us/0/1/0/0/0/0/160/600/242/930/0/pixel.gif?v=2_1&ttid=2&d=www.haxball.com&r=0.021291967348643137
Requested by
Host: www.haxball.com
URL: https://www.haxball.com/play?c=KwAMdEfR6us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.27.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-27-64.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

content-encoding
gzip
date
Fri, 13 Dec 2024 21:47:59 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
/
t2.richaudience.com/ Frame 957C 		43 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.richaudience.com/?e=3&p=pj4NaUtjYE&s=15464&type=3&subtype=6&wscs=1600&hscs=1200&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&tscs=&inw=&inh=&wou=&hou=&sgn=f5Ls3jqijeL7gihFGr6K2mTs8D2i%2Fzpt2RNw91pdS5MHyUdvSXwqv5odN76faTPmcaouSYHBV2pHz%2BnYvtoBwsH23Z5n6iEHcqVC2dAAG671LHuUDs9oHm%2BtnO5xyVfH0SLfnPX7FUnL15FbOG6FD23CJGPVTxlseU2k%2B8EsT3eV5wPlkvYkey%2BVpwNAa%2B62OsYktIde%2BMvMPmqzsnVkLhk5RVtM1meF63tWRGFsDpWoFVS05R2WPw0Jzg%3D%3D&v=9388db3c-1caa-4648-9758-6664225cb12e&dt=3&did=OX-bef-4Yx2rq&tm=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.108.231.149 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.149.231.108.65.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
date
Fri, 13 Dec 2024 21:48:00 GMT
content-type
image/gif
last-modified
Friday, 13-Dec-2024 21:48:00 GMT
server
nginx/1.14.1
activeview
pagead2.googlesyndication.com/pcs/ Frame F430 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7k406ydEvNa-Fs6u_E39zLJrYZppkO-3SDbGgS7b5N9zQmqrGwaiw1Gts0T1dBry4CK4Hh6s2xFpOF5xf_N-BuD4j0ocPW8qABR-Y9igJ9XHyHQnz7_Ii3Ax9BqvF2g8ZaQEmLhc&sig=Cg0ArKJSzJ-QehjwdNDlEAE&id=lidar2&mcvt=1000&p=0,0,600,160&tm=1024.1000003814697&tu=24.100000381469727&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=2551933457&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3005927900&rst=1734126478236&rpt=1016&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.haxball.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 13 Dec 2024 21:48:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=401ec61077b94908b7f16a8978e0d054&dup=&eoid=1000
Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=8099a2cfdcaf4b0a938ba452f874735f&dup=&eoid=1000

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| cpmstar_rnd number| cpmstar_pid object| ldyav5h object| cpmsx object| cpmstarx object| a5vsyr2 object| $jscomp function| o1eca4v object| /Haxball[IO]/$26640 object| starpbjs function| cpmstarAPI object| starpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| ohty44 function| qwhl3q object| googDdmPs

20 Cookies

Domain/Path Name / Value
.server.cpmstar.com/ Name: USER_ID
Value: %3f%d6%0c%7b%b3%12%7f%fa%96%b3%e79A%0e%7d
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1C886dcbb4f81e1b90888a81734126478
.scorecardresearch.com/ Name: XID
Value: 1C886dcbb4f81e1b90888a81734126478
.mxptint.net/ Name: mxpim
Value: R4E331_1207EF8EA_465BF0B6.1
.doubleclick.net/ Name: APC
Value: AfxxVi6E2WP_pbRluT_SrHC4_e5qHNtnWzohDETmVcjMm4R3Hj36GQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 4452532a-64b5-0393-39e6-504153cbc282|1734126479
.doubleclick.net/ Name: IDE
Value: AHWqTUlrrrNYDVzJOv1wCKfeusEuUFbiOhkUXhMxdU4axp60PBvYcCGbbvgHY0PPdU4
.doubleclick.net/ Name: ar_debug
Value: 1
.openx.net/ Name: pd
Value: v2|1734126479|vMgavPkWgyiK
.bluecava.com/ Name: lv
Value: 2024-12-13 21:47:59Z
.bluecava.com/ Name: acx
Value: dhttx|^0PxQHQ==|vLWiz78b3Qg=|$ipatx|^0PxQHQ==|XLaiz78b3Qg=|$lipx|^2024-12-13 21:47:59Z|$pt|^H4sIAI+rXGcA/w3BwQ2AMAgAwF34kwAtpTiFK2jBxMQBTNTd7d0DGlJpbwPDNZE5A/tBiVWIt8E05bued16wQCu9uUkRc7GqrgTfD/G8nHVDAAAA
.bluecava.com/ Name: idx
Value: dxx|^541ff24c-1c3e-41fb-b505-22a59b0e8724|$mx|^dca83640-1e21-4711-a49e-509b365a8b79
.yahoo.com/ Name: A3
Value: d=AQABBI-rXGcCEO0NvBSZkBsR-hZkBTryOJ8FEgEBAQH9XWdmZwAAAAAA_eMAAA&S=AQAAAiM1-9A39ssQDYhTD2mV2-M
.adsrvr.org/ Name: TDID
Value: 33b34ec0-b028-448d-b6b8-5deb946557f8
.amazon-adsystem.com/ Name: ad-id
Value: AzI_4x-ezU9BqBlEbC-aW_I
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjE8LKs0fLNPRAFOAE.
.alcmpn.com/ Name: _3ci
Value: eb99f660-b99b-11ef-af29-9509e465fb06

7 Console Messages

Source Level URL
Text
javascript warning URL: https://www.haxball.com/play?c=KwAMdEfR6us(Line 26)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=26640&script=1&rnd=405380, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.haxball.com/play?c=KwAMdEfR6us(Line 26)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=26640&script=1&rnd=405380, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://www.haxball.com/play?c=KwAMdEfR6us
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00841E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://www.haxball.com/play?c=KwAMdEfR6us
Message:
Access to fetch at 'https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=401ec61077b94908b7f16a8978e0d054&dup=&eoid=1000' from origin 'https://www.haxball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=401ec61077b94908b7f16a8978e0d054&dup=&eoid=1000
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.haxball.com/play?c=KwAMdEfR6us
Message:
Access to fetch at 'https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=8099a2cfdcaf4b0a938ba452f874735f&dup=&eoid=1000' from origin 'https://www.haxball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=8099a2cfdcaf4b0a938ba452f874735f&dup=&eoid=1000
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.evidon.com
cdn.doubleverify.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
l.evidon.com
mpc.mxptint.net
mpd.mxptint.net
ox-rtb-us-west1.openx.net
p.alcmpn.com
pagead2.googlesyndication.com
s0.2mdn.net
saproxy.cpmstar.com
sb.scorecardresearch.com
server.cpmstar.com
shb.richaudience.com
ssl.cdne.cpmstar.com
static.sunmedia.tv
sync.graph.bluecava.com
t.richaudience.com
t2.richaudience.com
tpc.googlesyndication.com
tps.doubleverify.com
us-u.openx.net
www.googletagservices.com
www.haxball.com
cdn.doubleverify.com
104.21.32.203
116.202.160.46
142.251.40.230
152.199.24.162
18.238.49.74
198.24.167.210
198.24.170.27
212.102.45.225
23.196.3.205
2600:141b:1c00:f::172c:c9cc
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80f::2006
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2003
34.117.208.66
34.117.228.201
34.128.139.172
34.96.70.202
34.98.64.218
38.98.69.171
38.99.107.11
52.7.27.64
64.31.34.110
65.108.231.149
68.67.181.231
080e94d92a34365d9f523cf53762fb88bb72befd57096c82edf07b93d39ff5cf
10dab25945cda55bb4eee68f5ec1a4134c7c3a96a7f1b9a30a2156cdcd75b803
11325db60e71bf0f15d39b0f0bc935379975de5ee5c8a9ea66c568b0addc2ef4
1288671ddf912be12afafb29082a3634a208799f923f828311b17d0d7c38e335
1297e2d3b1f11bc48ea21b62d4ae0616489d8d000ec731a9f382b155f7e1d528
140f1f0884823d2e627c9ab6e3587327f3c6e729cf1aba5a8da1ea6b5883b368
19d0865dd50125d5ffbdf8a23b466b75dd1b642a1b1cdf0a49c08fcd96094964
1f43b59d58023fde8b5196755ae0c80b53bbccc1a361f4d2cef00f86f3ef9a9a
20284e99a96bdfd2d1549b7cbf69388b5fd1dab300bb39d83bdfd8cb6efa3ef7
22eb3e724fcf7b19a3c300ade3341128065d821614dead10cc5464c3d282a952
302f49d9857fb89701fc88dd94de0975bc9e84add732727bdff3963ace502cf0
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72
368e4e80ab2f7c14edc9eee4fcd8740d902eb0a4425ecd2317f667499a547dba
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5250d21b41b504df3f934916a7b359fe545a5d20eceb62b4bd0d7bc11836ff69
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
58a425061a3f2d1a10b8c8e65efab017a132cbc3aa0f271a3b468e52be44c869
59f9c01587a9ba2b036c7f87c0fe9152f128b61a7093c448a21b4bbade571c85
5c2480a0c3773f0711bfca8282814e21d3ee61cbc16308f6ef94aebcd5c91d5d
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
66f3b5e1ba8d56ec379ce8b88e4f53dad34e9a480459ad862d419a731fb3a623
6e96a55af0ca34c8bf0362034344f8706514f5bcd7e425cb82064070e9a2abea
79ab73ad39e96c766099ab44348c51c6888d8e36c8799ff880976fea3c6923b2
79cedfdd4ca7463728eff7f43bd3265ed9f865843cd3ce3cfe2599a95ff0b558
82e0d185f8e994c0843d481c9a9830168e1a65630795504908f1450e83c39dc0
8476eb0332838ea9448ce888c5f5c031731d1fb9368b408ff506bfb73bef50de
85cae05e8108f18d094b4eed3c7e3ecb1dc6516f16d25445a1a78f064b75ab2a
8be964204db4dddb349115b1053668c6c68d467e44b613fa8e575b92ee298db0
8dc33ff11fd500594d4c965836856f5ba8bc8dfcde523508f33f60d91f8d64a6
8f16a77491c7ec1f48b0bc9139fa411fb71067823a2ebfa4d4aee1080d793351
93699fc2643957c593352e8cac19e9ce95c7829b977519235fa3063b32f9de52
9a374791cc6a5d9082b6df772a3eda50c8f00b848a60fce9d8ba8ab35392fd22
9fa537e5088dd041f9949359a8c834293d2e54af0861030ce0ac2b4ca90509d1
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a9504adee5f48fa0a97ee4e0ea82d31ac13d6d776b540a01d17761e17dfb6653
a995e924da4bd74eef6414c391d2e8f4b98e2f845a6b2e7f6350a8a4011e0236
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b0c43b1baa2979dec6efa05ff75b2d08f7cca33c71c73d5e9638a088a9ea247b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a466a2428d6edabd3ff287746d4568111c344b016364ce1e56214985f94f9e
c45d455c3137a92c0653f125ef46fe79df333411bd766cdb491a3f3b39a48fef
c46166ca3629fce9a1079878e0c82246895ea7d75adce2358031cb82adff2c1e
d0d116b21c9ac496c162f9074c75ce227719d025422a1794a57f497718f87cee
d47bfd53d3d2837ba190280e71a213c8d13be2d8ac6ee1b5b3d933dd3b7c86dc
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
e1a6f26221e90102580decc85453993721815ee35ef417600af01cc219a0d871
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec8d5cae103c9fddf86a62cb7c2213fba05392e9b21e358f763937b4f56e94
e4ab7602bb71cbdf59c61a907aae983b57f173603f1c2bbb9894f3ae53a2f4a8
e66ea3d92f57880a1eb8220863a3ddc8e25fb4940e24b9d1b1b5064b41b6cc72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fac2311cb65f2a9ed84c0fdca5bf406b03bbbec5d8aa150be72f744cf7ba65d5
fbcacda475ed69433f5f60034f72c38bf7dfa6d4c89f7ee7a2c2f88945f813b5
ff9c685f18f1a3434609a0765ccfbc5901fa704637906dd1753931197df4a854