Submitted URL: http://hesgoal-vip.io/
Effective URL: https://hesgoal-vip.io/
Submission: On June 27 via manual from GB — Scanned from GB

Summary

This website contacted 15 IPs in 5 countries across 17 domains to perform 35 HTTP transactions. The main IP is 104.21.12.12, located in and belongs to CLOUDFLARENET, US. The main domain is hesgoal-vip.io. The Cisco Umbrella rank of the primary domain is 512342.
TLS certificate: Issued by E1 on May 24th 2024. Valid for: 3 months.
This is the only time hesgoal-vip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


| | IP Address | AS Autonomous System |
|---|---|---|
| 8 | 104.21.12.12 | 13335 (CLOUDFLAR...) |
| 1 | 23.109.170.98 | 7979 (SERVERS-COM) |
| 2 | 188.114.96.3 | 13335 (CLOUDFLAR...) |
| 1 | 172.240.127.234 | 7979 (SERVERS-COM) |
| 6 | 139.45.197.242 | 9002 (RETN-AS) |
| 1 | 2a04:4e42:200... | 54113 (FASTLY) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | 2606:4700:10:... | 13335 (CLOUDFLAR...) |
| 7 | 172.67.130.34 | 13335 (CLOUDFLAR...) |
| 1 | 172.67.188.110 | 13335 (CLOUDFLAR...) |
| 1 | 139.45.195.8 | 9002 (RETN-AS) |
| 1 | 2001:4860:480... | 15169 (GOOGLE) |
| 1 | 142.250.185.162 | 15169 (GOOGLE) |
| 35 | 15 | |


| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 8 | hesgoal-vip.io | hesgoal-vip.io — Cisco Umbrella Rank: 512342 | 665 KB |
| 7 | scorarab.com | web-api.scorarab.com — Cisco Umbrella Rank: 437405 | 24 KB |
| 4 | sassoujaibu.com | sassoujaibu.com | 75 KB |
| 2 | littlecdn.com | clck.littlecdn.com — Cisco Umbrella Rank: 102526 | 92 KB |
| 2 | acscdn.com | acscdn.com — Cisco Umbrella Rank: 47163 | 62 KB |
| 1 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 | |
| 1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2355 | |
| 1 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 8833 | 543 B |
| 1 | pubtrky.com | pubtrky.com — Cisco Umbrella Rank: 30626 | 419 B |
| 1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83 | 835 B |
| 1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 81 | 102 KB |
| 1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 816 | 30 KB |
| 1 | oapsoulreen.net | oapsoulreen.net — Cisco Umbrella Rank: 534521 | 3 KB |
| 1 | cegloockoar.com | cegloockoar.com — Cisco Umbrella Rank: 426259 | 3 KB |
| 1 | bountyformseedlings.com | bountyformseedlings.com | |
| 1 | vinelethoner.com | ql.vinelethoner.com | 1 KB |
| 0 | shoot-yalla.tv Failed | live.shoot-yalla.tv Failed | |
| 35 | 17 | | |


| | Domain | Requested by |
|---|---|---|
| 8 | hesgoal-vip.io | hesgoal-vip.io |
| 7 | web-api.scorarab.com | hesgoal-vip.io |
| 4 | sassoujaibu.com | cegloockoar.com, oapsoulreen.net, sassoujaibu.com |
| 2 | clck.littlecdn.com | hesgoal-vip.io |
| 2 | acscdn.com | hesgoal-vip.io, acscdn.com |
| 1 | pagead2.googlesyndication.com | hesgoal-vip.io |
| 1 | region1.google-analytics.com | www.googletagmanager.com |
| 1 | my.rtmark.net | sassoujaibu.com |
| 1 | pubtrky.com | acscdn.com |
| 1 | fonts.googleapis.com | hesgoal-vip.io |
| 1 | www.googletagmanager.com | hesgoal-vip.io |
| 1 | code.jquery.com | hesgoal-vip.io |
| 1 | oapsoulreen.net | hesgoal-vip.io |
| 1 | cegloockoar.com | hesgoal-vip.io |
| 1 | bountyformseedlings.com | hesgoal-vip.io |
| 1 | ql.vinelethoner.com | hesgoal-vip.io |
| 0 | live.shoot-yalla.tv Failed | hesgoal-vip.io |
| 35 | 17 | |

This site contains links to these domains.

Domain
sassoujaibu.com
t.me
youradexchange.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| hesgoal-vip.io | E1 | 2024-05-24 - 2024-08-22 | 3 months |
| ql.vinelethoner.com | R11 | 2024-06-21 - 2024-09-19 | 3 months |
| acscdn.com | WE1 | 2024-06-25 - 2024-09-23 | 3 months |
| bountyformseedlings.com | R11 | 2024-06-17 - 2024-09-15 | 3 months |
| cegloockoar.com | R3 | 2024-05-01 - 2024-07-30 | 3 months |
| oapsoulreen.net | R3 | 2024-04-28 - 2024-07-27 | 3 months |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
| *.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
| upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
| sassoujaibu.com | R10 | 2024-06-27 - 2024-09-25 | 3 months |
| littlecdn.com | E1 | 2024-05-09 - 2024-08-07 | 3 months |
| scorarab.com | GTS CA 1P5 | 2024-05-17 - 2024-08-15 | 3 months |
| pubtrky.com | GTS CA 1P5 | 2024-05-16 - 2024-08-14 | 3 months |
| rtmark.net | R3 | 2024-05-11 - 2024-08-09 | 3 months |
| *.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months |

This page contains 3 frames:

Primary Page: https://hesgoal-vip.io/
Frame ID: C5C0F5B945736966346DCF664589B517
Requests: 30 HTTP requests in this frame

Frame: https://sassoujaibu.com/5/7596108
Frame ID: 458B1A9C97D10CCC28C462D7EB46F63C
Requests: 3 HTTP requests in this frame

Frame: https://sassoujaibu.com/5/7596149
Frame ID: D9FF03077C96303652511241AD78DCD6
Requests: 4 HTTP requests in this frame

Page Title

Hesgoal TV - Free Live Sports Stream

Page URL History

  1. http://hesgoal-vip.io/ HTTP 307
    https://hesgoal-vip.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 35
  • HTTPS: 97 %
  • IPv6: 36 %
  • Domains: 17
  • Subdomains: 17
  • IPs: 15
  • Countries: 5
  • Transfer: 1058 kB
  • Size: 1649 kB
  • Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hesgoal-vip.io/ HTTP 307
    https://hesgoal-vip.io/ Page URL

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hesgoal-vip.io/
Redirect Chain
  • http://hesgoal-vip.io/
  • https://hesgoal-vip.io/
69 KB
18 KB
Document
General
Full URL
https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a997e7e60a4c48af500e43c6aa8708bf621ec2590efe12b462aab2c0bbb2876a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
4
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
89a3a80f9e74942a-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 07:17:17 GMT
expires
Thu, 27 Jun 2024 07:30:42 GMT
last-modified
Thu, 27 Jun 2024 07:29:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKkTWw3r0iV2mtW47LKyjWoudW3U15ExBv%2B1mdbJv6pQ4YB%2BWrChoQc25QLi7UUHpLkr9qf7ET4pizChpwH9W0AyWMWYh%2Baz66MwobqAA4pL%2BC09NujoN9VEVHvsU8WjSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://hesgoal-vip.io/
Non-Authoritative-Reason
HttpsUpgrades
app.css
hesgoal-vip.io/assets/css/
72 KB
14 KB
Stylesheet
General
Full URL
https://hesgoal-vip.io/assets/css/app.css?t=1719473371
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251e698350d71b2099fca45f78c5400fa102df568973b193d25e7f79aea7e922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 27 Oct 2022 09:08:24 GMT
server
cloudflare
etag
W/"635a4a88-120a5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwUUTNCbFqOkWRTZ9eeGS%2FDpdkeHWCTP0hXRP3msrkpEFgI3c318o4ShgRU%2BZt7h26JPMEddBLgxAPhZZyaOrCQJUixvRSMog0FS3JYqJ1HEoDrceS3RPTC%2BNLrgmVB90g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
89a3a8100efe942a-LHR
expires
Sat, 27 Jul 2024 07:29:42 GMT
home.css
hesgoal-vip.io/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://hesgoal-vip.io/assets/css/home.css?t=1719473371
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeff21a699dabd0291e0f9677c7cdd5e198f2c70abcea9afe1329c4f9e528e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 28 Mar 2022 20:50:35 GMT
server
cloudflare
etag
W/"62421f9b-b86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXhnGDDVZdNzELriF4afFdWA92bbrRsUBPBIiEuSF16vBLIrc0TZBsQPeEbZNJEMgHHdN8ye4T%2BV%2FPUfOOiKfqwyCqOn6kQ2JaGJgecZmw7sEQRT1ge6HJAOBWYPMCQLXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
89a3a8100f01942a-LHR
expires
Sat, 27 Jul 2024 07:29:42 GMT
matche.css
hesgoal-vip.io/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://hesgoal-vip.io/assets/css/matche.css?t=1719473371
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93b2ad3f1c0e8b5a43c517d409b28d015eb3ccd5f11beed827d6ecfbf16cf4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 06 Jun 2022 13:42:39 GMT
server
cloudflare
etag
W/"629e044f-cd3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVB0YiO00YfYYtW0LnIcB4cUgfu9g5PoiH8mQbfKenryMcxZahuIWRHNQBunhMIDHKxjmx%2FSAJLl4NTRTqKFyYEiaMrnkRKPOzFn5NBc4HRXUW1PbDW2VHFelGWyHhEwMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
89a3a8100f05942a-LHR
expires
Sat, 27 Jul 2024 07:29:42 GMT
83292
ql.vinelethoner.com/gaGLLSj9CaaVb9Nq/
6 B
1 KB
Script
General
Full URL
https://ql.vinelethoner.com/gaGLLSj9CaaVb9Nq/83292
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.98 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 07:17:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://hesgoal-vip.io
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
aclib.js
acscdn.com/script/
123 KB
39 KB
Script
General
Full URL
https://acscdn.com/script/aclib.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06aff84fa7552f0b523af49f7cc10f9d3ae0e6bb31fcb315a08d7890e8e1af7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1198
x-guploader-uploadid
ACJd0Npbs_YQJ-52NTFJj1MnkmljQzAvW2M9inigt04gSzWuWE25N9BR8j0C7L3dbN0yoUY4-wjfcZcOVw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Jun 2024 08:03:26 GMT
server
cloudflare
etag
W/"151f0ed1d03de31014f51556140c492d"
vary
Accept-Encoding
x-goog-hash
crc32c=F6hZQg==, md5=FR8O0dA94xAU9RVWFAxJLQ==
x-goog-generation
1718957005943174
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lD0uProzYVT7B9eKjZ3G%2FJsiCSfqBSwEk5ALOc0LwdfDfd7gYroKmruCy1L1FsgM4KIq8%2FOG4uV2sWyhQJbCRzWTCQXxOWC4OoCTJFl2%2FEZ92mRfKWocbv2hTQNn"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
125983
cf-ray
89a3a810688c77a0-LHR
expires
Thu, 27 Jun 2024 07:39:04 GMT
7cdee121cec3460941807a332080c42f.js
bountyformseedlings.com/7c/de/e1/
0
0
Script
General
Full URL
https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 07:17:18 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
btag.min.js
cegloockoar.com/
6 KB
3 KB
Script
General
Full URL
https://cegloockoar.com/btag.min.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
081e6ac33c6b12488b0de66d706ce441f163af63354d3881e7946e73827b434a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
7cf04fbb960628e7dd8b007e1ebe9a07
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
btag.min.js
oapsoulreen.net/
6 KB
3 KB
Script
General
Full URL
https://oapsoulreen.net/btag.min.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
081e6ac33c6b12488b0de66d706ce441f163af63354d3881e7946e73827b434a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
62a4c2a454a26e9576286b91501ae79b
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Origin
https://hesgoal-vip.io
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5330433
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-man4129-MAN
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719472638.509610,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
52, 98863
js
www.googletagmanager.com/gtag/
306 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J005H456G7
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1f6aaccd1b08c067f0175c4ce1d59e51e9d9732584e702a0821014ad9c546c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103633
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jun 2024 07:17:18 GMT
css2
fonts.googleapis.com/
2 KB
835 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dcb09e9990df1da1e26f5982c8830e9435ac25fe2d4e23a42ca9aedf62b71fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 07:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 06:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 07:17:17 GMT
truncated
/
401 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
telegram.svg
live.shoot-yalla.tv/uploads/img/
0
0

din-regular.woff
hesgoal-vip.io/assets/webfonts/
63 KB
63 KB
Font
General
Full URL
https://hesgoal-vip.io/assets/webfonts/din-regular.woff
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fd8366f85ca9b53a88fba4c1a9a2a043d273e1152b923af231ebcd708fbb26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Origin
https://hesgoal-vip.io
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2206802
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sun, 06 Mar 2022 19:55:08 GMT
server
cloudflare
etag
W/"6225119c-fbc4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3gkXYKLPuis0VUggVDMvdZBrEJlUFcs0L2G3QhPWsS8PepRw87brMqc5YVuMZ0eOQTYmj3XEuKOxp7bvK%2FK5uh1mMOB4%2F7HfX2QONKPfD3tsalZkypMkCP1n5XGtLmFsWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
89a3a816686b942a-LHR
expires
Mon, 01 Jul 2024 18:28:51 GMT
1.png
hesgoal-vip.io/uploads/img/post/
565 KB
566 KB
Image
General
Full URL
https://hesgoal-vip.io/uploads/img/post/1.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f18028a8c8f9685c4c8b79a102de82aefe1786bc627d1af57db26834903e1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2206807
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 13 Dec 2023 11:07:49 GMT
server
cloudflare
etag
W/"65799085-8d3ae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JT2O0mMkZZXQAsvd%2FJgSxzJA103JcCZDYUKmTMa8IVXTrgGVv0oUpINqHcgfgeIiEsZ8jg4OTjGzp1Fd2jnPePkfguJtxkl%2FqeB9s3grmglFpd%2BO828DozGV1COzGlcFEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
89a3a816484a942a-LHR
expires
Mon, 01 Jul 2024 18:28:46 GMT
7596108
sassoujaibu.com/5/ Frame 458B
83 KB
35 KB
Script
General
Full URL
https://sassoujaibu.com/5/7596108
Requested by
Host: cegloockoar.com
URL: https://cegloockoar.com/btag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0ee0b90cc54f0dde39849ddf47bf14e9d4c41368b84127914f76553fc31045e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
gzip
x-trace-id
a8638adaaa8483b76d0cccf30fd96cae
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
8.png
clck.littlecdn.com/web/static/728x90/ Frame 458B
82 KB
82 KB
Image
General
Full URL
https://clck.littlecdn.com/web/static/728x90/8.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ad4cd02783da5c9520ef7871ced5acd61b249b5b2d54c8f5396e732eaeb379

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 12:16:06 GMT
server
cloudflare
age
45174
etag
"ce2817436f8d8c0c26164324f9837293"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a3a8170aa14970-LHR
content-length
83804
expires
Thu, 27 Jun 2024 18:44:24 GMT
hesgoal-vip.io
web-api.scorarab.com/api/all-matches/en/2024-06-27/
2 KB
1 KB
Fetch
General
Full URL
https://web-api.scorarab.com/api/all-matches/en/2024-06-27/hesgoal-vip.io?t=17
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4630527799e0ba6a9b90ed88ab2d7689227e7d1dacd028dae2f638ad294a3808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce2dIzno4PiKdZ43%2FiRSLe8mSrQTWdk2cd%2BwAHwBHrrZmJJrAYRKLd9H%2BBscA1bglc%2FoGuSgNT5Y6r7w56GLbykE5vfk9Z7OUQK665WcIGXJUf4QBx6CXQ1OKtqn9GQLjDx6iW5LZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
89a3a816edeb76cf-LHR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Thu, 27 Jun 2024 07:18:18 GMT
ut.js
acscdn.com/script/
62 KB
23 KB
Script
General
Full URL
https://acscdn.com/script/ut.js?cb=1719472638493
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae5a15774f41cd06010649f11ce3ce26db4eb0738917346822077a44f2ef069

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1226
x-guploader-uploadid
ACJd0Nr0pJoOEPd3ysBZqL522xjrEsIuO22Mx16Emg1oagiwNGXhbanNMjVNJU9KGsTzNXi7wm0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 20 Jun 2024 10:11:57 GMT
server
cloudflare
etag
W/"70ca0f4c5ac0c7649da94fea551e4268"
vary
Accept-Encoding
x-goog-hash
crc32c=A9Z4QA==, md5=cMoPTFrAx2SdqU/qVR5CaA==
x-goog-generation
1718878317787211
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F47buJNVlRy0zzWVOZDJ3MjUQFNV49bIkLU1HQqIj7cnpVuWAvuP6lL2JrlLBhNCtG83zRVI1UDUkgodaIiAEvKL8XfIkzXU8PZ2gfJyA4B1WwR2xKrcTLhO8WS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
62995
cf-ray
89a3a816cf2877a0-LHR
expires
Thu, 27 Jun 2024 07:32:07 GMT
7596149
sassoujaibu.com/5/ Frame D9FF
83 KB
35 KB
Script
General
Full URL
https://sassoujaibu.com/5/7596149
Requested by
Host: oapsoulreen.net
URL: https://oapsoulreen.net/btag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
92d794b6e2d9b04b4e917aeab6fcd363d80b8828c8853d8032788492bc6560d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
gzip
x-trace-id
25711165d8bf56fb3dfdaa67212fd136
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
18.png
clck.littlecdn.com/web/static/300x250/ Frame D9FF
10 KB
10 KB
Image
General
Full URL
https://clck.littlecdn.com/web/static/300x250/18.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20385e0ca7ed99c8f3e1a6554fd8e7d830dfba5eff959bc82c5bb9bdb96e5c0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
cf-cache-status
HIT
last-modified
Thu, 16 May 2024 11:20:14 GMT
server
cloudflare
age
65115
etag
"999dd7d06b10848480fe396a1fc4052a"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89a3a8170aa34970-LHR
content-length
9938
expires
Thu, 27 Jun 2024 13:12:03 GMT
hb.php
pubtrky.com/ut/
0
419 B
Ping
General
Full URL
https://pubtrky.com/ut/hb.php?cb=0.9695898922932806&v=1
Requested by
Host: acscdn.com
URL: https://acscdn.com/script/ut.js?cb=1719472638493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B5Rh0JPtR9BC5k5DiuzsB4SjguzO84xJ2vtq1aUJsOyynXlg%2B7k3JNmybfVTL9JHeT1XDe4iVrNUimirLIhbiTWFPTQBPdEOIpPK8fGASsc0xDqQ9dr25CfxmC5M6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89a3a817a9999430-LHR
alt-svc
h3=":443"; ma=86400
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
1664238907.png
web-api.scorarab.com/uploads/team/
3 KB
3 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1664238907.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642a0bd8ae906593d947df50fe877f4055de38b225a0c41c42aca1636efa5c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
370009
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 27 Sep 2022 00:35:07 GMT
server
cloudflare
etag
W/"6332453b-a9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1Flm0jB8QPyZ%2FwsMHnu5y5sPtB0nQkhd9DGSx3QPb%2BYrL1pO%2BKKNSBsUlY8fQT82%2Bnb1d899214zj7hOJFhnzdcicy%2FTvYq%2Fw47ZOnY3pMV8g8Q40%2FCkpWgQHOlBFeHHNaMhCWccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bf56406-LHR
expires
Tue, 23 Jul 2024 00:30:29 GMT
1622387312.jpg
web-api.scorarab.com/uploads/team/
3 KB
4 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1622387312.jpg
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3eec785c1a54f5eafd1a43568569258b0721018e6da3efe45317a49b2757e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2049220
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-d50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ4LMS%2FFvoSx5pbVQ%2BQmTdqOe%2BX3%2BwtsZhNWZSuEPH8ZBP5XYjuGreLRjq9zkXAt3yD7O9DLk90Hg%2BBTRuoqdAkrkFhlKdyJcuBu2TW8TedJz8gEdIvcOkeUQtAEHC4aV2sPNWkiVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bf46406-LHR
expires
Wed, 03 Jul 2024 14:03:38 GMT
1560461855.png
web-api.scorarab.com/uploads/team/
4 KB
5 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1560461855.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f472e6b83562a57596cbd4133dfef6345b81a4a3e63a4ce7f97d197957186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562257
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-1177"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kW9zNkI%2BceIt8HZkxLi9HvqgMGmNQbjVcs93DYHjnJAvsoDeDlzl5T1Dti21bc5jao1J3wFs%2B9XzxlyG9M7K5tbOTDSj0wdYS4WgG%2Bf13KK9qpPmhp1ILGMPY8FzFLiSeLAt1QEKqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bf36406-LHR
expires
Sat, 20 Jul 2024 19:06:21 GMT
1559495907.png
web-api.scorarab.com/uploads/team/
3 KB
4 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1559495907.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3917d4b9a12e7652836a74c2502f34d772f0c9d6741fa5f0a543d216938e279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366581
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-dd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTkWq7RoJh%2BjHhKr9eZLNjITPd1KMAT3r9YwX9E%2FV5Ce5ranLOCEmK%2BUGTHg7zcPOd0imwiwn3MOG9bSfYSial9kj0ou3sukwO7JaPUaxBRRj548W3FAX90wbSkXS2xMzGXB75p%2B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bf26406-LHR
expires
Sat, 29 Jun 2024 21:54:17 GMT
1560461626.png
web-api.scorarab.com/uploads/team/
3 KB
3 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1560461626.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1d834fcf79da307a20227205c8a198ef6ac126d8bf58fae91db5a9cbb53b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456589
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-a76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdsH5na1o3WdKLc7ek9Z2yKuxPkQKaBWk8oGc4Ynu4G4o6pEGO5YS7GE1QSE7tx0KGd5aWFeq4riObOx9c2XxfDGEaVof7ctydTHNHuZbopK61WUlgpPoznX7x97Vc80EJc7GDyXFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bf16406-LHR
expires
Mon, 22 Jul 2024 00:27:29 GMT
1568151357.png
web-api.scorarab.com/uploads/team/
4 KB
4 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/1568151357.png
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459dce7e9eeb1c3dfb39e9de7067f83cbfc936c2a54622bbc7167b41405f93cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366581
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
W/"61b0e61f-e6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhQe0RE7GnnGmLqq3ju5q0QirIuq0DjgrnVS%2BeMb%2FI3x5%2BhlYMuKJGQGU%2B8NMD9cLTY7USFSkChzUBBFNyy%2F3oFc9Sp7pWcmCCupTaJxUIiYOsJDLna4pTq581iqayQeScTqPdr4Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
89a3a8180bee6406-LHR
expires
Sat, 29 Jun 2024 21:54:16 GMT
gid.js
my.rtmark.net/ Frame D9FF
65 B
543 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=008088ff59884aa7ee8d17ede9ce0de3
Requested by
Host: sassoujaibu.com
URL: https://sassoujaibu.com/5/7596149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2fbcdb3b3b75a16a1f7e12f9a1d1a14358b0c9d09e428f6d31be138d7c5fa4d6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hesgoal-vip.io
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J005H456G7&gtm=45je46q0v9133091940za200&_p=1719472638414&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=670325981.1719472639&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719472638&sct=1&seg=0&dl=https%3A%2F%2Fhesgoal-vip.io%2F&dt=Hesgoal%20TV%20-%20Free%20Live%20Sports%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1527&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J005H456G7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 07:17:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hesgoal-vip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adex.js
hesgoal-vip.io/
0
0
Fetch
General
Full URL
https://hesgoal-vip.io/adex.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNAFMn8IOKji5jDr8yZxBFlfatwAjnuaUPHBPWCFpjat8NIKcqem380mJqU5zxJw1dTLwsTuyDmw4CACzTk2v0C%2B%2Bm4D1Q2E%2FhYEiMWSb25YUBYCfAVmbb60sUw5a6XVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
89a3a818eb93942a-LHR
alt-svc
h3=":443"; ma=86400
favicon.ico
hesgoal-vip.io/
150 B
523 B
Other
General
Full URL
https://hesgoal-vip.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
39
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rF%2B%2FySP9%2FrV9EJAJoAkynJZPNVBf8%2Bn0UH9p1Rla1dyJpRJVoMVybK8didKm1RaQcWYtefoMvkT%2FhUtwfj9aWEFt%2Fp88vpRK%2B1r5DhR85IUHU8ka4ZmQvNNMxtQkgUmJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89a3a8190bbb942a-LHR
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hesgoal-vip.io
URL: https://hesgoal-vip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hesgoal-vip.io/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52890
x-xss-protection
0
server
cafe
etag
11449745310478527318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 27 Jun 2024 07:17:19 GMT
/
sassoujaibu.com/ Frame D9FF
2 KB
3 KB
Fetch
General
Full URL
https://sassoujaibu.com/?rb=FGgyueOkkQMV1mS_FMdqzWKDlMtZKOkC8_ZQ6lEQVECMSfIIyfwTHRL7XV_08-Nvv-WTYopQ4EzrUpQkbBSJuuACew6nxjUCi0yPObG2kkYKgcNKiP87suGbthjCZBmQ37tyPiqkA6IJHv84tkvXmNh02dgvcXGVARSyl6IUeucpR3tdixph4uT_hOAxfRW9_1i_IWZzpVgLIzicXkj8fcjMlwPmMdptgD2eNQsXyF33oonbk2vSAY7-fDZeQ1tBsuAX0r5mnEqiU1SKkXneH6Eled91QHh0nWcWCRccfqU%3D&request_ab2=0&zoneid=7596149&js_build=iclick-v1.829.7-auto&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=150&wiw=300&ww=1600&wh=1200&sah=1200&wx=40&wy=40&cw=300&wfc=2&pl=about%3Ablank&drf=https%3A%2F%2Fhesgoal-vip.io%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FLondon&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.829.7-auto&navlng=en-GB&pnt=0&pnrc=0&bs=03d6cf47-50ce-4d70-9a26-b95aafa4751f&wasm=1&userId=008088ff59884aa7ee8d17ede9ce0de3&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&m=link
Requested by
Host: sassoujaibu.com
URL: https://sassoujaibu.com/5/7596149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
37a502e6ab3431cfb530d9f10bad41a01c3f8afed03f86d4f6f7c6dcaddba8dc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
69cc7b266c3cd58e06d96605417b5647
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://hesgoal-vip.io
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
sassoujaibu.com/ Frame 458B
2 KB
3 KB
Fetch
General
Full URL
https://sassoujaibu.com/?rb=rFqpJs0FFocRjD1aFlaNJez7xY3v3_y4r5nWG_uDAJR0BMmjTrykENO2Ifpc928w8d9Yn0REJ5nJqPqX9x7qiEwGEGqbRJANbBUD4Knaa-nOFJ8rwV5jRKyfYBtTvR4emL3q_8QL2BxwHqVPexshZu__SeJagyJ81JHQOKwqkbkEmjYJeoM29MwQayTRC61HHvVqwfmKaqK6klgsvM2sxrcFWA6NuohN_1_IASHOS9_WhtXaQuEYxOi_b2by1E_cLwPD_Dav-T4D0u2lxed_Qil3ElhOLkYGgt9lkLqksbY%3D&request_ab2=0&zoneid=7596108&js_build=iclick-v1.829.7-auto&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=90&wiw=728&ww=1600&wh=1200&sah=1200&wx=40&wy=40&cw=728&wfc=2&pl=about%3Ablank&drf=https%3A%2F%2Fhesgoal-vip.io%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FLondon&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.829.7-auto&navlng=en-GB&pnt=0&pnrc=0&bs=1e71fadf-43b6-4b4b-84f2-f26083d289d7&wasm=1&userId=008088ff59884aa7ee8d17ede9ce0de3&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&m=link
Requested by
Host: sassoujaibu.com
URL: https://sassoujaibu.com/5/7596108
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
55643271edcd606e9448af080de0d3d6ac695254df2f09ff4d7fe59baccf60d1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 07:17:18 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
f8388ac83584437013783a0711047d3c
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://hesgoal-vip.io
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
live.shoot-yalla.tv
URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage string| currentUrl string| mainURL number| p function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib function| reload_home function| $ function| jQuery string| API_TEAM_URL string| API_LEAGUE_URL number| time string| todayDate string| currentDomain string| API_URL_MATCHES string| API_PRD_URL_MATCHES object| matchTable function| postToNewTab function| go_link function| isMobile function| formatDate function| reverseScore function| addMatchTile function| get_prd_api function| gtag object| dataLayer function| ABDetector boolean| user_engagement627 string| utsid-send object| dsc5x2awm5u object| zfgformats object| syncCallbacks object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

10 Cookies

Domain/Path Name / Value
ql.vinelethoner.com/ Name: GL_UI4
Value: eJw9jU1ugzAYRPknaQPtSBygRzCJoMmy6iG6RB%2B2IW7AjowL6u1rVWpX8zR6owmCIKqeEK7ZHvEXNXgZ6qHtjxdqOa%2BH1wuxQRJr%2BvO5ITqdBMNeLZ2jfpIuwW6ZybrOrQkOo9TSKt5xI2SBZ2%2F9NTdtNp0g7S1pUSCdvTEVyHtrtkXaKkaiaZbI3q%2FW%2BExn%2BjQWcX1sPSvtOWSIzFLF5QPyD6WFH5YHRDUryyzA430iNxg7d0pkIdLRkpAI37Dj5ORo7DdyIZebM3fATKL7939%2F461myIRcFffnxl2l%2FQHDVU7n
ql.vinelethoner.com/ Name: GL_GI10
Value: eJwVxEEKwjAQBdDMCIWqVD72AD1BMVVsXaqIC0l3HqCkoWZhEtLo%2BcW3eEIILtdgG7BpZFvLfVfL07GWuw40ge8XsHYons4mM1YP66bRv0ERC3XuwdFhqQanX2ZOJoJ0kYMsVqo5tNXtE30wYDcjv%2FoYfBySAYWMwMn%2Fn8dSgL7Z9gfb2x6d
sassoujaibu.com/ Name: oaidts
Value: 1719472638
.hesgoal-vip.io/ Name: _ga_J005H456G7
Value: GS1.1.1719472638.1.0.1719472638.0.0.0
.hesgoal-vip.io/ Name: _ga
Value: GA1.1.670325981.1719472639
my.rtmark.net/ Name: ID
Value: 008088ff59884aa7ee8d17ede9ce0de3
hesgoal-vip.io/ Name: prefetchAd_7596149
Value: true
hesgoal-vip.io/ Name: prefetchAd_7596108
Value: true
sassoujaibu.com/ Name: OAID
Value: 008088ff59884aa7ee8d17ede9ce0de3
sassoujaibu.com/ Name: syncedCookie
Value: true

4 Console Messages

Source Level URL
Text
network error URL: https://bountyformseedlings.com/7c/de/e1/7cdee121cec3460941807a332080c42f.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://live.shoot-yalla.tv/uploads/img/telegram.svg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hesgoal-vip.io/adex.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hesgoal-vip.io/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
