Submitted URL: https://www.hesgoal.com/
Effective URL: https://www.hesgoal.com/
Submission: On September 29 via manual from CA — Scanned from DE

Summary

This website contacted 44 IPs in 9 countries across 48 domains to perform 157 HTTP transactions. The main IP is 5.182.209.23, located in Amsterdam, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is www.hesgoal.com.
TLS certificate: Issued by localhost on November 16th 2020. Valid for: 27 years.
This is the only time www.hesgoal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.182.209.23 62068 (SPECTRAIP...)
1 104.26.0.100 13335 (CLOUDFLAR...)
3 104.16.19.94 13335 (CLOUDFLAR...)
29 142.250.185.225 15169 (GOOGLE)
4 93.184.220.66 15133 (EDGECAST)
22 208.93.230.22 29893 (CHATANGO)
10 104.18.16.65 13335 (CLOUDFLAR...)
8 91.198.174.208 14907 (WIKIMEDIA)
2 185.156.202.211 56388 (AMBER-AS ...)
1 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
2 104.244.42.200 13414 (TWITTER)
1 104.19.134.80 13335 (CLOUDFLAR...)
3 167.114.209.61 16276 (OVH)
4 104.18.17.65 13335 (CLOUDFLAR...)
1 13.225.87.81 16509 (AMAZON-02)
1 18.195.98.10 16509 (AMAZON-02)
1 104.18.28.199 13335 (CLOUDFLAR...)
1 13.225.87.75 16509 (AMAZON-02)
7 208.100.17.190 32748 (STEADFAST)
1 13.225.87.108 16509 (AMAZON-02)
3 13.225.87.101 16509 (AMAZON-02)
1 45.55.96.63 14061 (DIGITALOC...)
1 3 104.111.215.191 16625 (AKAMAI-AS)
1 1 51.222.80.231 16276 (OVH)
1 2 172.67.13.182 13335 (CLOUDFLAR...)
3 5 142.250.181.226 15169 (GOOGLE)
1 208.100.17.183 32748 (STEADFAST)
13 151.101.193.44 54113 (FASTLY)
1 3 13.225.87.63 16509 (AMAZON-02)
1 142.250.185.78 15169 (GOOGLE)
2 14 52.30.140.199 16509 (AMAZON-02)
1 172.67.220.51 13335 (CLOUDFLAR...)
4 4 141.95.34.104 16276 (OVH)
2 2 46.228.164.13 56396 (AMOBEE)
1 13.248.242.197 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 104.16.92.60 13335 (CLOUDFLAR...)
1 2 18.198.69.109 16509 (AMAZON-02)
3 3 52.214.235.66 16509 (AMAZON-02)
2 2 52.214.44.171 16509 (AMAZON-02)
1 51.144.7.192 8075 (MICROSOFT...)
1 52.211.234.106 16509 (AMAZON-02)
1 1 216.46.185.182 13649 (ASN-VINS)
1 216.46.185.184 13649 (ASN-VINS)
1 52.208.138.90 16509 (AMAZON-02)
1 1 3.228.133.61 14618 (AMAZON-AES)
2 2 34.253.137.48 16509 (AMAZON-02)
2 3 3.122.214.165 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 151.101.130.49 54113 (FASTLY)
2 2 37.252.172.38 29990 (ASN-APPNEX)
1 151.101.65.44 54113 (FASTLY)
1 141.226.224.32 ()
157 44
Apex Domain
Subdomains
Transfer
29 blogspot.com
1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
2.bp.blogspot.com
668 KB
22 chatango.com
st.chatango.com
ust.chatango.com
281 KB
17 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
23 KB
15 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
pips.taboola.com
cds.taboola.com
175 KB
14 adskeeper.com
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
134 KB
9 tynt.com
cdn.tynt.com
ic.tynt.com
de.tynt.com
6 KB
8 wikimedia.org
upload.wikimedia.org
356 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
150 KB
5 doubleclick.net
cm.g.doubleclick.net
1 KB
4 id5-sync.com
id5-sync.com
6 KB
3 eyeota.net
ps.eyeota.net
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 bluekai.com
tags.bluekai.com
928 B
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
12 KB
3 dtscout.com
e.dtscout.com
t.dtscout.com
10 KB
3 cloudflare.com
cdnjs.cloudflare.com
7 KB
2 adnxs.com
secure.adnxs.com
2 KB
2 everesttech.net
sync-tm.everesttech.net
615 B
2 sitescout.com
pixel-sync.sitescout.com
941 B
2 tidaltv.com
sync.tidaltv.com
686 B
2 demdex.net
dpm.demdex.net
2 KB
2 avct.cloud
ads.avct.cloud
896 B
2 exelator.com
loadm.exelator.com
2 KB
2 tapad.com
pixel.tapad.com
920 B
2 turn.com
d.turn.com
855 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
886 B
2 histats.com
s10.histats.com
s4.histats.com
5 KB
2 huerty.live
m.huerty.live
56 KB
1 rubiconproject.com
token.rubiconproject.com
214 B
1 mathtag.com
sync.mathtag.com
615 B
1 stackadapt.com
sync.srv.stackadapt.com
628 B
1 ml314.com
ml314.com
422 B
1 mookie1.com
ib.mookie1.com
991 B
1 ib-ibi.com
global.ib-ibi.com
511 B
1 krxd.net
beacon.krxd.net
338 B
1 cintnetworks.com
c.cintnetworks.com
328 B
1 avocet.io
ads.avocet.io
204 B
1 truoptik.com
dmp.truoptik.com
1 adsrvr.org
match.adsrvr.org
265 B
1 dtssrv.com
a.dtssrv.com
560 B
1 google-analytics.com
www.google-analytics.com
20 KB
1 onaudience.com
pixel.onaudience.com
400 B
1 dtscdn.com
t.dtscdn.com
407 B
1 sharethis.com
pd.sharethis.com
88 B
1 adskeeper.co.uk
cdn.adskeeper.co.uk
2 KB
1 geojs.io
get.geojs.io
1011 B
1 hesgoal.com
www.hesgoal.com
13 KB
0 jquery.com Failed
code.jquery.com Failed
157 48
Domain Requested by
16 ust.chatango.com st.chatango.com
9 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
9 1.bp.blogspot.com www.hesgoal.com
8 3.bp.blogspot.com www.hesgoal.com
8 upload.wikimedia.org www.hesgoal.com
7 cdn.taboola.com st.chatango.com
cdn.taboola.com
7 ic.tynt.com www.hesgoal.com
7 4.bp.blogspot.com www.hesgoal.com
6 st.chatango.com www.hesgoal.com
st.chatango.com
5 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
5 cm.g.doubleclick.net 3 redirects bcp.crwdcntrl.net
5 c.adskeeper.com jsc.adskeeper.com
www.hesgoal.com
5 2.bp.blogspot.com www.hesgoal.com
4 trc.taboola.com bcp.crwdcntrl.net
cdn.taboola.com
4 id5-sync.com 4 redirects
4 s-img.adskeeper.com www.hesgoal.com
4 platform.twitter.com www.hesgoal.com
platform.twitter.com
3 ps.eyeota.net 2 redirects bcp.crwdcntrl.net
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
st.chatango.com
3 tags.bluekai.com 1 redirects www.hesgoal.com
bcp.crwdcntrl.net
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 cdnjs.cloudflare.com www.hesgoal.com
cdnjs.cloudflare.com
2 images.taboola.com
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 dpm.demdex.net 2 redirects
2 ads.avct.cloud 2 redirects
2 loadm.exelator.com 1 redirects bcp.crwdcntrl.net
2 pixel.tapad.com 2 redirects
2 d.turn.com 2 redirects
2 cm.adskeeper.com jsc.adskeeper.com
2 t.dtscout.com e.dtscout.com
2 syndication.twitter.com platform.twitter.com
www.hesgoal.com
2 m.huerty.live www.hesgoal.com
2 jsc.adskeeper.com www.hesgoal.com
jsc.adskeeper.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 token.rubiconproject.com bcp.crwdcntrl.net
1 sync.mathtag.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ml314.com bcp.crwdcntrl.net
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 ads.avocet.io 1 redirects
1 dmp.truoptik.com bcp.crwdcntrl.net
1 match.adsrvr.org bcp.crwdcntrl.net
1 a.dtssrv.com e.dtscout.com
1 www.google-analytics.com st.chatango.com
1 de.tynt.com cdn.tynt.com
1 mwzeom.zeotap.com www.hesgoal.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 t.dtscdn.com e.dtscout.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.tynt.com e.dtscout.com
1 pd.sharethis.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 e.dtscout.com s4.histats.com
1 cdn.adskeeper.co.uk www.hesgoal.com
1 s4.histats.com s10.histats.com
1 s10.histats.com www.hesgoal.com
1 get.geojs.io www.hesgoal.com
1 www.hesgoal.com www.hesgoal.com
0 code.jquery.com Failed www.hesgoal.com
157 70

This site contains links to these domains. Also see Links.

Domain
silktide.com
twitter.com
widgets.adskeeper.com
www.adskeeper.com
Subject Issuer Validity Valid
localhost
localhost
2020-11-16 -
2048-04-02
27 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.chatango.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-07 -
2022-07-06
2 years crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA
2020-11-09 -
2021-11-16
a year crt.sh
huerty.live
R3
2021-09-21 -
2021-12-20
3 months crt.sh
histats.com
R3
2021-08-02 -
2021-10-31
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2020-11-03 -
2021-11-03
a year crt.sh
*.s-onetag.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
sharethis.com
Amazon
2021-09-01 -
2022-09-30
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2020-11-03 -
2021-11-15
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-26
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2
2020-10-19 -
2021-11-20
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh
*.cintnetworks.com
DigiCert SHA2 Secure Server CA
2020-09-21 -
2021-10-23
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-01-13 -
2022-01-07
a year crt.sh
ib.mookie1.com
DigiCert SHA2 High Assurance Server CA
2019-10-07 -
2021-11-12
2 years crt.sh
*.ml314.com
Amazon
2021-01-17 -
2022-02-14
a year crt.sh
*.eyeota.net
R3
2021-08-27 -
2021-11-25
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh

This page contains 10 frames:

Primary Page: https://www.hesgoal.com/
Frame ID: 7B11E8B9D89500A737DA67757BC7CC3B
Requests: 88 HTTP requests in this frame

Frame: https://m.huerty.live/
Frame ID: 5CBF8C79E88224DCDB0CD865CE180CBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com
Frame ID: 62F2EDEA9C8C43F9D0F30B520764EA04
Requests: 2 HTTP requests in this frame

Frame: https://m.huerty.live/
Frame ID: 79115958631F31E8DC8E8B46748DEF87
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 5E21F6EE2B5DF1C55FE80C57EC215647
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001632939402D0DE01155F7B2FCA6B
Frame ID: 719074236C37A5F1B82DBACF5FE19267
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1632939402696771501076
Frame ID: 9228CD14D644911AD7E97B177C191A90
Requests: 1 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0817211056/id.html
Frame ID: E7CEEABCF7286DA3C1821F74BAF1AE3F
Requests: 37 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: A36BC750E3B9CE3D4E4C825C32CEE4C7
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 139F691DA4218DEBD8986D1F9CCED723
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

HesGoal.Com Sports News

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

157
Requests

97 %
HTTPS

0 %
IPv6

48
Domains

70
Subdomains

44
IPs

9
Countries

1923 kB
Transfer

3554 kB
Size

70
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001632939402D0DE01155F7B2FCA6B HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=25bc434ffda60366 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15
Request Chain 91
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F
Request Chain 103
  • https://id5-sync.com/s/19/9.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/7/3.gif?puid=3959275450501156904&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA
Request Chain 106
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
Request Chain 108
  • https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
Request Chain 109
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
Request Chain 110
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
Request Chain 113
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
Request Chain 115
  • https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
Request Chain 116
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
Request Chain 117
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlFxaWhwSjZJNWtpdEFPZVRtWS1EODNObjJNR2pWVDlZNzJPSjc2d3ByMHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
Request Chain 118
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
Request Chain 119
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
Request Chain 121
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVStjAAFUzV3CAA6 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
Request Chain 124
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d397f98759b469b5ac68e9b79e5ac48/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
Request Chain 125
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=39441056%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D39441056%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS

157 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hesgoal.com/
54 KB
13 KB
Document
General
Full URL
https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.182.209.23 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
server2786.web11.nl
Software
Apache/2 / PHP/5.6.40
Resource Hash
d008867b9024617b5233a0aab38ec158a60400b60afcfbb1a2d793557f955296

Request headers

:method
GET
:authority
www.hesgoal.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 29 Sep 2021 18:16:41 GMT
server
Apache/2
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=pct2m1gjmtqnl0q0n73hfu34a1; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
12756
content-type
text/html; charset=UTF-8
geo.js
get.geojs.io/v1/ip/
342 B
1011 B
Script
General
Full URL
https://get.geojs.io/v1/ip/geo.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a4397698a3fa51e1dded6959e1b16e6bc1e89b28c949f3f0313ace1a3b5a97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
1dcf79f423834c4256dcb9277df3056e-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIrqQYOQ2B2jIC31c4x547s9f6g1WPuhw4WlVXHYpI9SPB1TEMOT4zBCo1%2B4bSCQWUsjkKNvl8XH1iwuOdqKgLENM53ZRo72u%2FA6g%2BcTtdrSUb2PZMs3hbmwottM8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
6967343e4d772788-PRG
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1439658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1618
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3536tBLmw8tRCQdxPwI%2BxzBcDiONKXUvBBSmh33LPPG8BKsT652TkVZA02DXSSBFoPBItn0XioKKFjpJM33HE6oQCOfhc41r1EthGrEIMg6g%2FRl4jIYBfTbI8%2FzbdR2dhMRpjGDr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6967343e0fe15b7a-FRA
expires
Mon, 19 Sep 2022 18:16:41 GMT
HOME_m.jpg
1.bp.blogspot.com/-edGffEd258I/YJ-zGOCY-yI/AAAAAAAABgQ/i4RwrvaavtwL2JAd93kbOTIX3yTPBma3wCLcBGAsYHQ/s0/
2 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-edGffEd258I/YJ-zGOCY-yI/AAAAAAAABgQ/i4RwrvaavtwL2JAd93kbOTIX3yTPBma3wCLcBGAsYHQ/s0/HOME_m.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
a8558243788f0dc91ae04cfbfcb192804bb5c08a247e6707053944046c0936c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:50:07 GMT
x-content-type-options
nosniff
age
5194
content-disposition
inline;filename="HOME_m.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2350
x-xss-protection
0
server
fife
etag
"v60a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 12:20:08 GMT
BALL_m.jpg
1.bp.blogspot.com/-jqLVfmI_j3E/YJ-zF_yj9tI/AAAAAAAABgI/DVz_DVq_DewdWi3JmAw_0WHo_pNztym8gCLcBGAsYHQ/s0/
2 KB
2 KB
Image
General
Full URL
https://1.bp.blogspot.com/-jqLVfmI_j3E/YJ-zF_yj9tI/AAAAAAAABgI/DVz_DVq_DewdWi3JmAw_0WHo_pNztym8gCLcBGAsYHQ/s0/BALL_m.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
1f1cbc94de77db002ad23121c7baf05a826b7233c7432753a1fc696d5782d2d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 15:16:12 GMT
x-content-type-options
nosniff
age
10829
content-disposition
inline;filename="BALL_m.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2122
x-xss-protection
0
server
fife
etag
"v608"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 17:35:38 GMT
RACEFLAG2.jpg
1.bp.blogspot.com/-8_Bz70I9EHs/YJ-zGF7_G7I/AAAAAAAABgM/ULWODzthBC0grofs-lD4df2OPcBexRIYgCLcBGAsYHQ/s0/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-8_Bz70I9EHs/YJ-zGF7_G7I/AAAAAAAABgM/ULWODzthBC0grofs-lD4df2OPcBexRIYgCLcBGAsYHQ/s0/RACEFLAG2.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
3e2c9ee8c65fe5cba61424da8a143be0e4c50d80d2758a1464e1cc9255df97b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:58:05 GMT
x-content-type-options
nosniff
age
11916
content-disposition
inline;filename="RACEFLAG2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5356
x-xss-protection
0
server
fife
etag
"v60a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Sep 2021 22:12:24 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
98
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28872
x-tw-cdn
VZ
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67C1)
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
emb.js
st.chatango.com/js/gz/
68 KB
24 KB
Script
General
Full URL
https://st.chatango.com/js/gz/emb.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
29837203efe096a89bbaf504ee7ba517fbde6567fd80cc90a257e42886d7d54f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:00:48 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23775
Expires
Wed, 29 Sep 2021 18:16:42 GMT
hesgoal.com.994688.js
jsc.adskeeper.com/h/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/h/e/hesgoal.com.994688.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ebfe7bf8564d707f3ce257dfa899381e29627e5e2a941b606546cf1e3787c10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4989
cf-ray
6967343e2b2f4eaa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
740
x-amz-id-2
DvyQ9ItscSG4CCqERzKchs/ZDc//F/YHcy/j5GevRQsMPw1jQwS2RAx2SNwJAozDhSw0kacZutQ=
last-modified
Wed, 08 Sep 2021 05:45:35 GMT
server
cloudflare
etag
"2f5fc0217833fcc27fc63319b5cf9f5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
47A7TDJWT3P2ZCKA
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 29 Sep 2021 22:16:41 GMT
UEFA_Champions_League_Logo_2021.png
upload.wikimedia.org/wikipedia/fr/9/9b/
28 KB
30 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/fr/9/9b/UEFA_Champions_League_Logo_2021.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
dbd7750c69d1dda28b5a18ac3d2b66324ef8e35ed8150f79d5b617afaa64cdb6
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:35:48 GMT
x-content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
42053
x-cache-status
hit-front
content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache
cp3061 hit, cp3057 hit/16167
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
29108
x-client-ip
216.131.114.18
x-object-meta-sha1base36
o9hrxe4z9vyina5zcd3t7uki2a0lm5t
last-modified
Wed, 19 May 2021 10:08:53 GMT
server
ATS/8.0.8
etag
415d0ab5edfa2e246662431727e2d811
x-webkit-csp-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
x-timestamp
1621418932.46040
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
20170618020317%21UAE_Arabian_Gulf_League_Logo.png
upload.wikimedia.org/wikipedia/ar/archive/8/8c/
25 KB
25 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/ar/archive/8/8c/20170618020317%21UAE_Arabian_Gulf_League_Logo.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
c7ad40b7c0215a36e2adbecc2c9813b1eeae285a314724a5b540efe0f785cf54
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:59:40 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
26221
x-cache-status
hit-front
x-cache
cp3063 hit, cp3057 hit/16861
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
25348
x-client-ip
216.131.114.18
x-object-meta-sha1base36
la1ndpwdh5ovmam3mpqn2bt2lesbhlj
last-modified
Sun, 18 Jun 2017 02:03:19 GMT
server
ATS/8.0.8
etag
18ebb4b0a2a246bcd6e16d6934997038
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
x-timestamp
1497751398.55202
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
1200px-Superettan_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/b/bc/Superettan_logo.svg/
164 KB
164 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/b/bc/Superettan_logo.svg/1200px-Superettan_logo.svg.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
d9d29be0489fcf2b400b25f7a16ba7bae84b4a3ce7c2ccf6a31cce4f5e64235c
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:05:03 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
7898
x-cache-status
hit-front
x-cache
cp3065 hit, cp3057 hit/12193
content-disposition
inline;filename*=UTF-8''Superettan_logo.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
167886
x-client-ip
216.131.114.18
last-modified
Thu, 16 Sep 2021 16:24:31 GMT
server
ATS/8.0.8
etag
b35f3a857fbdc2b7642637811af66032
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1631809470.57702
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
1200px-Eliteserien_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/5/50/Eliteserien_logo.svg/
34 KB
34 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/5/50/Eliteserien_logo.svg/1200px-Eliteserien_logo.svg.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
9c5681c33c41690b895e5bb0b7d7e748fa3252852f94c1112ff03b837f3ee36f
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:05:13 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
7888
x-cache-status
hit-front
x-cache
cp3053 hit, cp3057 hit/10597
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
34910
x-client-ip
216.131.114.18
last-modified
Sat, 07 Dec 2019 16:20:02 GMT
server
ATS/8.0.8
etag
612f95a5697ee07704b30ef233d71580
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1575735601.86089
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
1200px-Scottish_Championship.svg.png
upload.wikimedia.org/wikipedia/en/thumb/1/17/Scottish_Championship.svg/
32 KB
32 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/1/17/Scottish_Championship.svg/1200px-Scottish_Championship.svg.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
c48220cc9ef4604a3d8f7484a5c7c35a55d06f34f898f52de85d64fff9f8282c
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:04:23 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
47538
x-cache-status
hit-front
x-cache
cp3055 hit, cp3057 hit/2300
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
32304
x-client-ip
216.131.114.18
last-modified
Fri, 20 Nov 2020 19:22:42 GMT
server
ATS/8.0.8
etag
0c7b45b940bc082c9324e9b1118b7681
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1605900161.92259
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
250px-Turkishsupercup.jpg
upload.wikimedia.org/wikipedia/en/thumb/1/1a/Turkishsupercup.jpg/
7 KB
7 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/1/1a/Turkishsupercup.jpg/250px-Turkishsupercup.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
f2d6214b8f28883772525a47935d20435da481d26e99abbcddfe3766f49601a0
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 10:02:12 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
29669
x-cache-status
hit-front
x-cache
cp3061 hit, cp3057 hit/14624
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
7428
x-client-ip
216.131.114.18
last-modified
Wed, 07 Aug 2019 17:30:06 GMT
server
ATS/8.0.8
etag
1f158642a786a9824d9c26f505b555af
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1565199005.36028
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
1280px-WTA_logo_2010.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/bf/WTA_logo_2010.svg/
33 KB
33 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/b/bf/WTA_logo_2010.svg/1280px-WTA_logo_2010.svg.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
03504b510d0a289c3cf9aa389bf60edb1b19785eed0f8d41dbd19355c55ad6f7
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 11:30:28 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
24373
x-cache-status
hit-front
x-cache
cp3063 hit, cp3057 hit/9685
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
33358
x-client-ip
216.131.114.18
last-modified
Thu, 07 Jan 2021 09:51:19 GMT
server
ATS/8.0.8
etag
374a9bab5b102003384594b6d0ef9dab
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1610013078.89806
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
langfr-800px-Nitto_ATP_Finals_Logo.svg.png
upload.wikimedia.org/wikipedia/fr/thumb/3/33/Nitto_ATP_Finals_Logo.svg/
31 KB
31 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/fr/thumb/3/33/Nitto_ATP_Finals_Logo.svg/langfr-800px-Nitto_ATP_Finals_Logo.svg.png
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
3dd384ba5379d14c2803ff711a3f4869d29ef29566cdd5141c41f9e4dbd509ee
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:15:44 GMT
x-content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
46857
x-cache-status
hit-front
content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache
cp3061 hit, cp3057 hit/18552
content-disposition
inline;filename*=UTF-8''Nitto_ATP_Finals_Logo.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3057"
content-length
31400
x-client-ip
216.131.114.18
last-modified
Tue, 21 Sep 2021 09:28:42 GMT
server
ATS/8.0.8
etag
01165c6aa7ddd39b11dbec96b84e8b5c
x-webkit-csp-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1632216521.32123
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg
3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/
13 KB
13 KB
Image
General
Full URL
https://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
dbc8af2a2b9ce5900394f7b3cc31975e54cbedd7e83e8a654ccaf62aaa79edb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="J_r_my-Mathieu-au-FC-Barcelone (320 x 180).jpg";filename*=UTF-8''J%C3%A9r%C3%A9my-Mathieu-au-FC-Barcelone%20(320%20x%20180).jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12876
x-xss-protection
0
server
fife
etag
"v245"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Sep 2021 17:47:52 GMT
soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg
4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/
30 KB
30 KB
Image
General
Full URL
https://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
a12e522508f84829d98353fbca78badae6da34aa5cdcb387bdffe5679de6317f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="soccer-Colombia-Falcao (465 x 261).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30865
x-xss-protection
0
server
fife
etag
"v247"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 07:02:13 GMT
Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg
1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/
22 KB
22 KB
Image
General
Full URL
https://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
c61a68b4338345f13141b316e626d72cc2327b091b34c5b44b412abe45de7561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="Nice-vs-Monaco-team (330 x 160).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22775
x-xss-protection
0
server
fife
etag
"v249"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Sep 2021 07:30:53 GMT
Kaboul.jpg
4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/
30 KB
30 KB
Image
General
Full URL
https://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
d6002ac80e0b2185318aec97b4cc5a53e63eb72af9de04251817458f07a1599c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="Kaboul.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30829
x-xss-protection
0
server
fife
etag
"v24b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 18:04:31 GMT
bayyr%2B%2528305%2Bx%2B171%2529.jpg
1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/
18 KB
18 KB
Image
General
Full URL
https://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
11e47e3f46e571aaf1ac77329cbd60847f6c8057068fb0f97bfd1ca5ef59bb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="bayyr (305 x 171).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18147
x-xss-protection
0
server
fife
etag
"v24f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Sep 2021 07:30:53 GMT
arssd.jpg
2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/
23 KB
23 KB
Image
General
Full URL
https://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
c7ee651e00a56adb1e06aca0aab62e0aeb66cc4594592c7ac1344f81b3fea1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="arssd.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23133
x-xss-protection
0
server
fife
etag
"v251"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 18:04:31 GMT
shai%2B%2528310%2Bx%2B215%2529.jpg
3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/
18 KB
18 KB
Image
General
Full URL
https://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
b04d3cfa9b28e61adce17e6779f4b7f3dcfca34000d7b88bb85734a465c4100f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="shai (310 x 215).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18628
x-xss-protection
0
server
fife
etag
"v253"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 07:02:14 GMT
DHiOS%2B%2528426%2Bx%2B240%2529.jpg
1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
7bbd228ebb7a313c02f48fee3f8398ddaf2df196477f3e245abef62c6c0dd6a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="DHiOS (426 x 240).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30400
x-xss-protection
0
server
fife
etag
"v257"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Sep 2021 05:24:42 GMT
dim%2B%2528309%2Bx%2B157%2529.jpg
1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/
17 KB
17 KB
Image
General
Full URL
https://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
738819381485d1be56e646985b53c057ad49e45e310ad0fda6f22434f77402d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="dim (309 x 157).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17403
x-xss-protection
0
server
fife
etag
"v259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Sep 2021 05:24:42 GMT
Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg
2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/
14 KB
15 KB
Image
General
Full URL
https://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
d27f53bbfc004b239b92ee8d8e8493293f5790ade1237ca74a82d76bb74e44de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="Marcelo-Modric_1872047c (230 x 143).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14712
x-xss-protection
0
server
fife
etag
"v25b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Sep 2021 07:26:05 GMT
Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg
3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/
16 KB
16 KB
Image
General
Full URL
https://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
2c91b0e6f34ac9ba15363622392e08daed9ae565ff18d92ceac3eb94edb0f1cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="Olympique-Lyonnais-Naples (297 x 185).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16641
x-xss-protection
0
server
fife
etag
"v25d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 21:04:34 GMT
shic%2B%2528360%2Bx%2B270%2529.jpg
2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/
24 KB
24 KB
Image
General
Full URL
https://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
8d876054904ddf1100888777d73a57cd36f3b51a83fbd75774bfdf7339fe2209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="shic (360 x 270).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24946
x-xss-protection
0
server
fife
etag
"v25f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 14:10:00 GMT
saint%2B%2528348%2Bx%2B217%2529.jpg
4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/
26 KB
26 KB
Image
General
Full URL
https://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
718e169411e938c6ccca40681574efaf03da136dfef6332174652485368e78bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="saint (348 x 217).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26355
x-xss-protection
0
server
fife
etag
"v261"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 07 Sep 2021 09:12:00 GMT
mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg
2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/
17 KB
17 KB
Image
General
Full URL
https://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
702f1e6aca82f2b576d881b27d7f6d230aba208e4209e2edaaf4c4d2f94ded40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="mascheranopa_450x250 (337 x 187).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17417
x-xss-protection
0
server
fife
etag
"v263"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 09:20:33 GMT
marr%2B%2528235%2Bx%2B156%2529.jpg
4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/
12 KB
12 KB
Image
General
Full URL
https://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
5d1129f473527dce92086e246848c28a08b5b182042a533ae717bb8d5358a254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="marr (235 x 156).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12567
x-xss-protection
0
server
fife
etag
"v265"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 08:29:39 GMT
fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg
1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/
22 KB
22 KB
Image
General
Full URL
https://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
11048c3be88262e2cf43c9144ea5272dde3369f954f705d4eea26aa4b33d96e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="fernando-alonso-budapest- (403 x 302).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22862
x-xss-protection
0
server
fife
etag
"v21e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Sep 2021 05:24:42 GMT
Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg
1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/
36 KB
36 KB
Image
General
Full URL
https://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
6b387b1ce511eb9e24efb3cbb349a11db51da1e3828b065a4f7954893a0fc680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options
nosniff
age
1916
content-disposition
inline;filename="Jari+Matti+Latvala+FIA+World+Rally+Championship+Yqf_yBl0Wg-l (445 x 297).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37022
x-xss-protection
0
server
fife
etag
"v220"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 09:39:40 GMT
PHENO%2B%2528475%2Bx%2B324%2529.jpg
3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/
41 KB
41 KB
Image
General
Full URL
https://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
a73a2f96c9c3c66bad7f0974859a398b16d81c2023e797eec43e537bfc9a9670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="PHENO (475 x 324).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41552
x-xss-protection
0
server
fife
etag
"v226"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 07 Sep 2021 06:49:31 GMT
WRC_222%2B%2528471%2Bx%2B264%2529.jpg
4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/
23 KB
23 KB
Image
General
Full URL
https://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
7cd0e977de74caad61054e8991c774c3bfc8342704ba9b80c9fa1035d946f4db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="WRC_222 (471 x 264).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24005
x-xss-protection
0
server
fife
etag
"v228"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 14:10:00 GMT
alonso%2B%2528495%2Bx%2B262%2529.jpg
3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/
20 KB
20 KB
Image
General
Full URL
https://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
cd5269f06e0db0b8c23c34a32815e4ef9e6349d93fd6943b60542d2e24a411f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options
nosniff
age
12098
content-disposition
inline;filename="alonso (495 x 262).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20258
x-xss-protection
0
server
fife
etag
"v22e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 07:02:14 GMT
REDBB%2B%2528480%2Bx%2B270%2529.jpg
3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/
32 KB
32 KB
Image
General
Full URL
https://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
eb7fc01edc455bd8c043bdf74dd4395c08a6f4465023ef2d54214914c055f4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="REDBB (480 x 270).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33138
x-xss-protection
0
server
fife
etag
"v230"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Sep 2021 08:24:16 GMT
van-der-garde%2B%2528472%2Bx%2B315%2529.jpg
3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/
32 KB
32 KB
Image
General
Full URL
https://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
3d2f50274e7b3aec5963f044253b2e5ec72f77c307610362dd94b266aabe11ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="van-der-garde (472 x 315).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33124
x-xss-protection
0
server
fife
etag
"v232"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 09:20:34 GMT
winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg
2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/
37 KB
37 KB
Image
General
Full URL
https://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
8ba0b29fd70cf1a0f96de43957319df4d6490c9d796d560f0fb60504dadf2158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="winner_lewis_hamilton_getty (468 x 263).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38209
x-xss-protection
0
server
fife
etag
"v238"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 07:02:14 GMT
MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg
4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/
45 KB
45 KB
Image
General
Full URL
https://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
b87d0c1195e80246d9b4386e8b60bd43862497c45099baf093d23f86b96a5452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="MotoGp+of+Germany (445 x 296).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45863
x-xss-protection
0
server
fife
etag
"v23a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 07 Sep 2021 09:12:00 GMT
depuniet%2B%2528315%2Bx%2B210%2529.jpg
3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/
15 KB
15 KB
Image
General
Full URL
https://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
77db8e3a0c1157eb4946f816fee2f1bccd44fd03a8098618b15b470cb610e0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options
nosniff
age
12097
content-disposition
inline;filename="depuniet (315 x 210).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
server
fife
etag
"v23c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 08 Sep 2021 09:20:34 GMT
vedel%2B%2528465%2Bx%2B291%2529.jpg
4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/
42 KB
42 KB
Image
General
Full URL
https://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
fife /
Resource Hash
c8164a629b41019e218dc4afdb572fdb310e3e85ea1215b3fbdda1d2e56d81b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options
nosniff
age
3268
content-disposition
inline;filename="vedel (465 x 291).jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42662
x-xss-protection
0
server
fife
etag
"v23e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Sep 2021 09:38:26 GMT
style3.css
www.hesgoal.com/templates/lol/
0
0

jquery-1.6.2.js
code.jquery.com/
0
0

jquery-latest.min.js
code.jquery.com/
0
0

/
m.huerty.live/ Frame 5CBF
97 KB
55 KB
XHR
General
Full URL
https://m.huerty.live/
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software
openresty /
Resource Hash
0222608801301cf9e7a5e78a9e6645318b98156857f0fdd3666c6ed46036f3c2

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
x-cache-date
Wed, 29 Sep 2021 18:16:36 GMT
x-cache
HIT
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:08:58 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
354191094
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 62F2
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hesgoal.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1344876
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Sep 2021 18:16:42 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67F3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
hesgoal.com.994688.es6.js
jsc.adskeeper.com/h/e/
224 KB
65 KB
Script
General
Full URL
https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba080cb87210455600d30f6cbb946d407474b06b89d3a50f297ff1747e2c37c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4823
cf-ray
6967343eaa472b41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65622
x-amz-id-2
WYaKMvR/G6jTCp2GlXtzJCv1fwq54OzSbZGkhUHJoZwyhORzFmBqaohc75DFI2NEct3wWHwC7YM=
last-modified
Wed, 08 Sep 2021 05:45:35 GMT
server
cloudflare
etag
"fe7a78297f1c5999c722226925b90ebb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
KCT8FS3NXPGASX91
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 29 Sep 2021 22:16:42 GMT
0.php
s4.histats.com/stats/
382 B
517 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3907345&@f16&@g1&@h1&@i1&@j1632939402035&@k0&@l1&@mHesGoal.Com%20Sports%20News&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-154850252&@b3:1632939402&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hesgoal.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
7c2dbcb92e66fe8b66c124b8f21dcc8a1d67d7d573e38cd2e86e2ecd6fddb599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
Connection
close
Content-Length
382
Content-Type
text/html;charset=UTF-8
settings
syndication.twitter.com/ Frame 62F2
232 B
431 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=2bf300e45b365574cb649d203a07b72c8ad19dcb
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:41 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 18:16:42 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f1e2356bc2c3ab1362e4ff58e5d2c7e884ddbb0a707a96e7d6cfcb1765d6e157
content-length
166
/
m.huerty.live/ Frame 7911
102 B
449 B
XHR
General
Full URL
https://m.huerty.live/
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software
openresty /
Resource Hash
3fe7f4a2d9e68e6d3ea3665ffa83df459dbb4bc64562c510fa7324301b2447b0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67C1)
Age
1369028
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
platform.twitter.com/widgets/ Frame 5E21
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hesgoal.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1369020
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Sep 2021 18:16:42 GMT
Etag
"a237d70af6aab8c30f8fef9c8de02f69+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C1)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13651
truncated
/ Frame 5E21
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
c.adskeeper.com/pv/
0
307 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1632939402278207949714&uniqId=13433&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.hesgoal.com%2F&lu=https%3A%2F%2Fwww.hesgoal.com%2F&sessionId=6154ad8a-128fe&pageView=1&pvid=17c32c5e427b8224c5c&site=288223&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6967344058c74eaa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
br
cf-cache-status
HIT
age
1333
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XXQX9JBSCH0N5JS5
x-amz-id-2
CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
696734409b6e1f2d-FRA
expires
Wed, 29 Sep 2021 22:16:42 GMT
/
e.dtscout.com/e/
8 KB
9 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3907345&@f16&@g1&@h1&@i1&@j1632939402035&@k0&@l1&@mHesGoal.Com%20Sports%20News&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-154850252&@b3:1632939402&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hesgoal.com%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c051f20e397bda903dda0cdd3e3af421ea67923f737697b50868b0f7f2627378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
X-T
8.489
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Wed, 29 Sep 2021 18:16:41 GMT
widget-ssp-performance
c.adskeeper.com/
43 B
399 B
Image
General
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=69
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69673440be2c2b41-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jot
syndication.twitter.com/i/
43 B
352 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.hesgoal.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632939402359%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 29 Sep 2021 18:16:42 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f1e2356bc2c3ab1362e4ff58e5d2c7e884ddbb0a707a96e7d6cfcb1765d6e157
x-transaction
e3bebdc3d77b5a10
expires
Tue, 31 Mar 1981 05:00:00 GMT
1
servicer.adskeeper.com/994688/
3 KB
1 KB
Script
General
Full URL
https://servicer.adskeeper.com/994688/1?pv=5&cbuster=1632939402553319263147&uniqId=13433&niet=4g&nisd=false&jsv=es6&w=1584&h=1290&cols=1&ref=&cxurl=https%3A%2F%2Fwww.hesgoal.com%2F&lu=https%3A%2F%2Fwww.hesgoal.com%2F&sessionId=6154ad8a-128fe&pageView=1&pvid=17c32c5e427b8224c5c&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3e048ef33a432b755395dbf54f027723c7624aa5ea1eec18b8b778e62c3520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
696734420c084eaa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget-ssp-performance
c.adskeeper.com/
43 B
399 B
Image
General
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=83
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
696734427b122b41-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.adskeeper.com/g/8193502/492x277/0x299x1080x720/
16 KB
16 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8193502/492x277/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1632939402-cXNJh_diUR3V7gfK9OcLwuhuGS4nn9gBoB2z507czfA
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83147d4b02fdda83728e35c64a246133da2171d543343efbbc10a0717639074c

Request headers

Referer
https://www.hesgoal.com/
Origin
https://www.hesgoal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:23:17 GMT
x-mg-request-uuid
260042c6-8a1f-43ac-8bf4-798a99ec9184
age
367921
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69673442c87b05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16032
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.adskeeper.com/g/8164884/492x277/0x0x1001x667/
19 KB
19 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1632939402-CmYVey51eajO9wHenxGQ0F1VkFUce5lrsDe6W8YjLSs
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd

Request headers

Referer
https://www.hesgoal.com/
Origin
https://www.hesgoal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:40 GMT
x-mg-request-uuid
78e084c8-2987-49df-835a-d395015c9003
age
453368
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69673442c88205b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18944
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/
19 KB
19 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1632939402-HrNz51Hz6M3NyUXDAICZUeRsdx-PXAoy9bNI75GyGEY
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e

Request headers

Referer
https://www.hesgoal.com/
Origin
https://www.hesgoal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:37:29 GMT
x-mg-request-uuid
8cf00a1d-d2d0-445c-80fa-b1221795b1b5
age
453378
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69673442c88405b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19190
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.adskeeper.com/g/8164883/492x277/0x0x492x328/
11 KB
11 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8164883/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1632939402-CZkhLg9TLI_WjlB5sxhhOahq8-D-k7sA2e92pBrW_sQ
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7

Request headers

Referer
https://www.hesgoal.com/
Origin
https://www.hesgoal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:36:41 GMT
x-mg-request-uuid
06996ae9-1438-4398-a255-311c115cc868
age
100865
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69673442c88505b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10766
server
cloudflare
/
t.dtscout.com/idg/ Frame 7190
1 KB
752 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=6D001632939402D0DE01155F7B2FCA6B
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9cdac6ebed7b54bbee2bcdd18f9aec4ee761e0bf4b6c2d87a8ff31d45c67f6cd

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hesgoal.com/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1632939402; l=6D001632939402D0DE01155F7B2FCA6B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 29 Sep 2021 18:16:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Wed, 29 Sep 2021 18:16:41 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-81.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
1715
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 29 Sep 2021 17:48:08 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
2ZhTIgJ9lJvC9OrIVqsFCOS8dtOzz3NYvfpxtdW50LNz4051bm2rMg==
dtscout
pd.sharethis.com/pd/
0
88 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Sep 2021 18:16:42 GMT
afwu.js
cdn.tynt.com/
10 KB
4 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:51 GMT
server
cloudflare
age
249434
etag
W/"6129520b-288b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69673442fffc4ac2-FRA
expires
Sat, 02 Oct 2021 18:16:42 GMT
/
t.dtscout.com/pv/
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=hesgoal.com&_ss=6mknsgk9n7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=om52&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
826a820fd1c9ee09e48db0ca5ec0b54cdf311786c9e6a23783b9968a506b7111

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
X-T
0.299
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Wed, 29 Sep 2021 18:16:41 GMT
i.js
cm.adskeeper.com/
19 B
197 B
Script
General
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1632939402681792922169
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
74aaf643-1e76-40b0-aaa4-95c46cc7b8d3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
69673442edde4eaa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
i-noref.js
cm.adskeeper.com/ Frame 9228
19 B
127 B
Script
General
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1632939402696771501076
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
gzip
cf-cache-status
MISS
x-mg-request-uuid
a367cf50-15ed-4afa-b58d-d63f06e08a16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
69673442ede14eaa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
/
onetag-geo.s-onetag.com/
555 B
985 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-75.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront), 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amzn-requestid
bbe3bc16-7615-4b20-aa4d-2e81c3d1d6b5
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-cache
Miss from cloudfront
x-amz-apigw-id
GcANtEAqiYcFoLQ=
content-length
555
x-amz-cf-id
wRzvT1_TiqLXS_6RMA6-QQUorMNBnhni18KgEGwMhlT6J2DvdpG7VQ==
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
852 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-108.fra2.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
content-encoding
gzip
server
restify
x-edge-origin-shield-skipped
0
vary
Accept-Encoding,origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.hesgoal.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qG2FYvAG8n38uh0fvoQCyOYVbkv7YIqdQYEzSitrLx-kpnoMG-pkgw==
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
38 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 29 Sep 2021 09:40:12 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
age
30992
etag
W/"f321a7442b8087eba0d1817aa7dbb5f7"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
text/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
j8tD2U85hpt8kcvkvqXeFYCOXmPYS0h1P6XZUV8lhy62ulVInwsP7w==
/
t.dtscdn.com/widget/
0
407 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=6D001632939402D0DE01155F7B2FCA6B&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.hesgoal.com%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 17:40:30 GMT
X-T
1.56
x-server
web12.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Wed, 29 Sep 2021 17:40:29 GMT
27675
tags.bluekai.com/site/
62 B
329 B
Image
General
Full URL
https://tags.bluekai.com/site/27675?id=6D001632939402D0DE01155F7B2FCA6B&ret=html&phint=__bk_t%3DHesGoal.Com%20Sports%20News&phint=__bk_k%3Deredivisie%2Cjupiler%20pro%20league%2Cserie%20a%2Cepl%2Cenglish%20premier%20league%2Cligue%201%2Cdanish%20league%2Cformule%201%2Cf1%2Cformula%201%2Cmoto%20gp%2Cralley%2Cligue%201%2Callsvenskan%2CSuperligaen%2CTippeligaen%2CBundesliga%2Cscottish%20premier%20league%2C&phint=__bk_l%3Dhttps%3A%2F%2Fwww.hesgoal.com%2F&r=65023235
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:43 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
57cb
Content-Type
image/gif
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001632939402D0DE01155F7B2FCA6B
  • https://spl.zeotap.com/?zdid=1332&zcluid=25bc434ffda60366
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.hesgoal.com
access-control-allow-credentials
true
cf-ray
69673447ea62c2e5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
461
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
de.tynt.com/deb/
4 B
202 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:42 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Thu, 30 Sep 2021 18:16:43 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
id.html
st.chatango.com/h5/gz/r0817211056/ Frame E7CE
681 KB
219 KB
Document
General
Full URL
https://st.chatango.com/h5/gz/r0817211056/id.html
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
e23f3a6e99524b4a3c64675a721185d366fb02194726b75cc0c9ed896fef81df

Request headers

Host
st.chatango.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hesgoal.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/

Response headers

Server
nginx
Date
Wed, 29 Sep 2021 18:16:43 GMT
Content-Type
text/html
Content-Length
224126
Last-Modified
Tue, 17 Aug 2021 18:00:48 GMT
Connection
keep-alive
Expires
Thu, 29 Sep 2022 18:16:43 GMT
Cache-Control
max-age=31536000
Content-Encoding
gzip
P3P
CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges
bytes
r.json
st.chatango.com/cfg/nc/
20 B
338 B
XHR
General
Full URL
https://st.chatango.com/cfg/nc/r.json?8b32230020000289915587905
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
f6943106e4ec38d43fcb1b7616e34417aceb78763846c1c32e11589649c437f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Last-Modified
Tue, 17 Aug 2021 18:00:48 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
c
c.adskeeper.com/
43 B
441 B
Image
General
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=1566|302|8|o6TJbXlb0rW4BK4xgEYYMaRw76mHjAF_AsTDqgR87EmC9eIi23Vzc8eVLogz3w0y&fw=1&extjs=66044&cid=994688&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&iv=11&pageImp=1&pvid=17c32c5e427b8224c5c&muid=l8tGFdzdUggb&cbuster=1632939403343561729381&tpl=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:43 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
c21e0203-5179-4701-a700-59b8863638f7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69673446ec352b41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
loader.js
cdn.taboola.com/libtrc/chatango-network/ Frame E7CE
73 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef71ad0e3206edc6bf524507d43c65f6f68a1cb02638fb074849af78fd500d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
FDBn7gz9ecwGukb4zvc9crpIN2Okt3IP
content-encoding
gzip
etag
"8f88a258e49ce6aefbd6a980dd522a57"
age
84
x-cache
HIT
content-length
19749
x-amz-id-2
zpM04K0jwkI3P9dzQlBOu7FrdK9BJI3BWNRVsefQFoiowvvByluxQRinB9GQGqS3EyxILlhbLAI=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 23 Sep 2021 09:11:44 GMT
server
AmazonS3
x-timer
S1632939403.435193,VS0,VE0
date
Wed, 29 Sep 2021 18:16:43 GMT
vary
Accept-Encoding
x-amz-request-id
J52N1WPT1TWC7XCB
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
91
x-cache-hits
4
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
impl.20210923-4-RELEASE.js
cdn.taboola.com/libtrc/ Frame E7CE
528 KB
117 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
nwL3Iwz5OuKqoxSKveF130DQoW3dPflo
content-encoding
br
etag
"f30da82f08687af7c0344b8258fb7906"
age
4973
x-cache
HIT
content-length
119564
x-amz-id-2
dK57JIgF8uuifsYuM4y6sAijDMGwf/ZfuCo3kh2iJAa2DwLo/sz6UblCQ+G6GGBc5E9jbfhQHhg=
x-served-by
cache-hhn4038-HHN
last-modified
Thu, 23 Sep 2021 08:53:48 GMT
server
AmazonS3-br
x-timer
S1632939403.448488,VS0,VE0
date
Wed, 29 Sep 2021 18:16:43 GMT
vary
Accept-Encoding
x-amz-request-id
W1KK0T44X58BQDDH
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
84
x-cache-hits
2439
beacon.js
sb.scorecardresearch.com/ Frame E7CE
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:46:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
131400
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7w0wQxumcY0t_PKaebaXkNyixMaQZx28hP6xnV2eoTKvFe9nZtJaRg==
b2
sb.scorecardresearch.com/ Frame E7CE
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%...
64 B
328 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-63.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wfahzrCWujkeiiItsb1oMqp8A7Wwrr97u6wblZJ3yljM3JdO5bnahw==

Redirect headers

date
Wed, 29 Sep 2021 18:16:43 GMT
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F
content-length
239
x-amz-cf-id
UspON6C8W3v6fnI2L-lsFPMEeuwc3IRfQ3io_ZErrvxh4aKZXuxwDg==
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
c
c.adskeeper.com/
43 B
441 B
Image
General
Full URL
https://c.adskeeper.com/c?pv=3&v=1566|302|8|o6TJbXlb0rW4BK4xgEYYMeOQB9-TiaeqjwVQJznLr_pcpmTSoGvdzG8vpUB746v4&extjs=66044&cid=994688&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&iv=11&pageImp=0&pvid=17c32c5e427b8224c5c&muid=l8tGFdzdUggb&cbuster=1632939403842927213301&tpl=0
Requested by
Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:43 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
35ed295c-1e4a-48d7-ad54-c9b1cb795623
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6967344a09da2b41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
analytics.js
www.google-analytics.com/ Frame E7CE
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5386
date
Wed, 29 Sep 2021 16:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 18:46:57 GMT
gprofile.xml
ust.chatango.com/groupinfo/h/e/hesgoalchat3/ Frame E7CE
337 B
643 B
XHR
General
Full URL
https://ust.chatango.com/groupinfo/h/e/hesgoalchat3/gprofile.xml
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
f369c41399a02489b8db3d2712c86082949847a670b059367b9deb6d1f87a1d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Last-Modified
Sat, 14 Aug 2021 06:58:44 GMT
Server
nginx
Content-Type
text/xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
337
Expires
Wed, 29 Sep 2021 18:16:44 GMT
dark-top.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242a75ba54f0b62ab4e7f78a503df8b6f1d475bc7a246ffa5dc7981a315bad04
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
520266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
676
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdIDunZewgjpbDE3%2BI1th5MSABpNbXvMPnLsw1WKEq3tDL3%2BLIqDq2cGysHXLHw2DjPTxYXNcUuEhBXJFKUPqVwWyPZJwT4DOrrqiCnMW8Bg%2FaSgUqc4bGJ%2BP4%2FZb53lR57kGWeO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6967344addcc2bdd-FRA
expires
Mon, 19 Sep 2022 18:16:43 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://www.hesgoal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 18:10:05 GMT
content-encoding
gzip
age
399
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Y8PTebm2VmYvrYSGWkBtSi4ZYUomyq4kOFoHf-FVvtf4uKB9h5QNoA==
data
bcp.crwdcntrl.net/6/
611 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
695cb99e9e3942a92d95f65aa792db534ac5594e20bafad3137fd332fe26af9d

Request headers

Referer
https://www.hesgoal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hesgoal.com
cache-control
no-cache
x-server
10.45.4.176
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
611
expires
0
a
a.dtssrv.com/
0
560 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=6D001632939402D0DE01155F7B2FCA6B&k=lotpano&v=14efb0d68e4ee9556b8971790e7d4945a702f499e0a749190b48ccdf3b478fc0
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hesgoal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 18:16:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H%2B%2BguJXQ3JzZfE1BLBHeq%2BHQGFt9UBHbL06qhxHJoqi9x5%2F1mh2cTbuhH9kTV0yHicqYoptFpPYCdj6oi%2B3AeLoxHTe3yDNp4pV6%2BOS1PjN4baRcxBX62EEih1mS0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6967344c7e79f9ce-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame A36B
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hesgoal.com/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=d397f98759b469b5ac68e9b79e5ac48; _cc_cc="ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"; _cc_aud="ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hesgoal.com/

Response headers

content-type
text/html
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
date
Tue, 28 Sep 2021 18:23:34 GMT
cache-control
max-age: 86400
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
S7zZlWJwzS8WMe6N80A3QMBkvkY0AwVLLV9U3q4oqWsScUYIEqoYTw==
age
85991
pixels
bcp.crwdcntrl.net/ Frame 139F
3 KB
3 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
919f0d5d2f1a61109be1d457ec197149f7fa4ce56ae130732a9877509575bba9

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=d397f98759b469b5ac68e9b79e5ac48; _cc_cc="ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"; _cc_aud="ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Wed, 29 Sep 2021 18:16:44 GMT
content-type
text/html
content-length
3236
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.4.251
server
Jetty(9.4.38.v20210224)
pixel
cm.g.doubleclick.net/ Frame 139F
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/7/3.gif?puid=3959275450501156904&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5D...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA
cache-control
no-cache
x-server
10.45.18.1
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 139F
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/lotame/1/ Frame 139F
43 B
181 B
Image
General
Full URL
https://trc.taboola.com/sg/lotame/1/cm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1632939404.271441,VS0,VE9
x-served-by
cache-hhn4038-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
tpid=0fae4663-9701-4758-be3b-7a70469e530c
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 139F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.175
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
date
Wed, 29 Sep 2021 18:16:44 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 139F
0
0
Image
General
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

/
loadm.exelator.com/load/ Frame 139F
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0
  • https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
0
751 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 29 Sep 2021 18:16:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
tpid=26063f5f-5840-4fd1-8dce-134c9657d121
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 139F
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
  • https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
49 B
269 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.150
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
date
Wed, 29 Sep 2021 18:16:44 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
111
content-type
text/html; charset=utf-8
tpid=69554753551921484420374101805203095274
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 139F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.2
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v018-012e7a688.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FdwBoCbWTjc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 139F
0
328 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:d397f98759b469b5ac68e9b79e5ac48
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
usermatch.gif
beacon.krxd.net/ Frame 139F
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=d397f98759b469b5ac68e9b79e5ac48
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.234.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-234-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1632939404
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 139F
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
120 B
991 B
Image
General
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.46.185.184 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 18:16:41 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
COR11
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Wed, 29 Sep 2021 18:16:42 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
COR01
Content-Type
text/html; charset=utf-8
Content-Length
216
utsync.ashx
ml314.com/ Frame 139F
43 B
422 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 18:16:43 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Thu, 30 Sep 2021 14:16:44 GMT
tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 139F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.145
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
Date
Wed, 29 Sep 2021 18:16:44 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
tpid=9be4ef42-102e-490b-b89c-c8edd8146faf
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 139F
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.29
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
match
ps.eyeota.net/ Frame 139F
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlFxaWhwSjZJNWtpdEFPZVRtWS1EODNObjJNR2pWVDlZNzJPSjc2d3ByMHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
353
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 139F
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.52
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 29 Sep 2021 18:16:43 GMT
tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 139F
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.83
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 139F
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=7&puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 139F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVStjAAFUzV3CAA6
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.8
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632939405.615295,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 139F
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 139F
62 B
304 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:44 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=3887217856463228968
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 139F
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d397f98759b469b5ac68e9b79e5ac48/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.156
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
pragma
no-cache
date
Wed, 29 Sep 2021 18:16:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/ Frame 139F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=39441056%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D39441056%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 18:16:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.47
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 18:16:44 GMT
X-Proxy-Origin
216.131.114.18; 216.131.114.18; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2a53e9df-2be2-47b5-b1a6-03bcc226b5a7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
3 KB
4 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
610830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3087
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-c0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6fQ1rQKztOnEC6m2aYWbbevxrFJcs5NphbFV9%2FZmqQ0sVX2CPskDLvgqiF%2F%2FjUC9I5fh4HsyTtNGo%2FaStpDgEyWm0Rs5CIAbiBWUFZ6gdFfHRhSZr%2FMkmgj%2BP2lBeXWUtSl%2B0nX"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6967344ca98e2bdd-FRA
expires
Mon, 19 Sep 2022 18:16:44 GMT
CommonUIModule.js
st.chatango.com/js/gz/r0817211056/ Frame E7CE
21 KB
8 KB
XHR
General
Full URL
https://st.chatango.com/js/gz/r0817211056/CommonUIModule.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
29e28dc9767fd91b19b86e6cf9db100cfd0c0ef8ab36337fe98794fd41d17bcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/h5/gz/r0817211056/id.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:00:48 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7609
Expires
Thu, 29 Sep 2022 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/t/e/terminator419/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/t/e/terminator419/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
ac908d1b13e23604cb93d6183b386c4cfc3ae8c07aa6ca77debe9ddf975393cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Thu, 26 Nov 2020 19:10:43 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1742
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/y/k/ykselistatwn/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/y/k/ykselistatwn/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea647e1d512a7f4b4e9e72fc9fe7f823836f9c52eb974823a9c16731ec0ed4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Sat, 04 Sep 2021 14:37:21 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1809
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/d/u/dufcdavie/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/d/u/dufcdavie/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
411967072c021b1a4671c42b781142b19ac8e2da9bbb551ca188fc87202df93a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Mon, 06 Sep 2021 17:22:47 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2129
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/b/o/bossesboysreturn/ Frame E7CE
1 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/b/o/bossesboysreturn/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
9d38a00c79a9c87d78d7dfe4dcd21f67fcc933e72db56702f9201e6b6834a391

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Sun, 04 Jul 2021 16:50:45 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1521
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/d/e/dennisfrennis/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/d/e/dennisfrennis/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
9654d9b53441b6a76ea9caa18eb89e2f91c9935f306fb4590c8896e8b3efe9ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Thu, 22 Apr 2021 17:14:39 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1670
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/b/o/boehserbasler/ Frame E7CE
640 B
948 B
Image
General
Full URL
https://ust.chatango.com/profileimg/b/o/boehserbasler/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/o/r/orion2219/ Frame E7CE
640 B
948 B
Image
General
Full URL
https://ust.chatango.com/profileimg/o/r/orion2219/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/c/h/chulocity/ Frame E7CE
640 B
948 B
Image
General
Full URL
https://ust.chatango.com/profileimg/c/h/chulocity/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/m/a/mangemaker/ Frame E7CE
640 B
948 B
Image
General
Full URL
https://ust.chatango.com/profileimg/m/a/mangemaker/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/d/a/dannybhoy85/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/d/a/dannybhoy85/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
daf5aa10f48006b8b318edc196b852ed356f9a9dadf14447568876ad7bea17e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Fri, 13 Aug 2021 18:16:23 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1661
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/f/o/fotbollfotbollfotbol/ Frame E7CE
1 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/f/o/fotbollfotbollfotbol/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
7cc009f23b6e5199632a4df96cc8f69c6de6f9eaa4079c83e759516695ef8c82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Wed, 29 Sep 2021 18:03:04 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1521
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/t/u/turboville/ Frame E7CE
640 B
948 B
Image
General
Full URL
https://ust.chatango.com/profileimg/t/u/turboville/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 09 Jun 2009 03:36:06 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/u/p/upthecoys1/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/u/p/upthecoys1/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
0197913b1c33f10c2ceb13c0702bfcd15638b458c3ef26a84f29ff646a8e42d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Tue, 19 Jan 2021 13:24:56 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1575
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/s/0/s0dervarn/ Frame E7CE
2 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/s/0/s0dervarn/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
d6de45b23e6b655fe6074a5217e43ce195490faa5dc458706d3ddf188c3ec6b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified
Thu, 01 Oct 2020 17:23:42 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1742
Expires
Wed, 29 Sep 2021 18:16:45 GMT
thumb.jpg
ust.chatango.com/profileimg/i/v/ivanilyic/ Frame E7CE
1 KB
2 KB
Image
General
Full URL
https://ust.chatango.com/profileimg/i/v/ivanilyic/thumb.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
ef92a8dd084f1681d883112395918d6db6cd497318f0c9265bc953f3de0478bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:46 GMT
Last-Modified
Thu, 01 Apr 2021 21:42:04 GMT
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1499
Expires
Wed, 29 Sep 2021 18:16:46 GMT
RklModule.js
st.chatango.com/js/gz/r0817211056/ Frame E7CE
2 KB
1 KB
XHR
General
Full URL
https://st.chatango.com/js/gz/r0817211056/RklModule.js
Requested by
Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
9184949092862871ea4a0638f963edc72ade0428d4df177f6597412e3345c68b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/h5/gz/r0817211056/id.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 29 Sep 2021 18:16:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 18:00:48 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852
Expires
Thu, 29 Sep 2022 18:16:45 GMT
json
trc.taboola.com/chatango-chatango1/trc/3/ Frame E7CE
4 KB
2 KB
XHR
General
Full URL
https://trc.taboola.com/chatango-chatango1/trc/3/json?tim=18%3A16%3A45.784&lti=deflated&data=%7B%22id%22%3A194%2C%22ii%22%3A%22%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1632388258896%2C%22vi%22%3A1632939405783%2C%22cv%22%3A%2220210923-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A305%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A450%2C%22dw%22%3A305%2C%22dh%22%3A450%2C%22nsid%22%3A%22chatango-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dchatango-network%3Aabp%3D0%22%2C%22uip%22%3A%22Chat%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Chat%20Article%20Thumbnails%22%2C%22cd%22%3A124%2C%22mw%22%3A175%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fh5%2Fgz%2Fr0817211056%2Fid.html%2CChat%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dchatango-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80b8f8fd882bf4183eed3bb9d74311f820cf16057833a928d09ba1613188b987

Request headers

Referer
https://st.chatango.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
116
date
Wed, 29 Sep 2021 18:16:45 GMT
content-encoding
gzip
server
nginx
x-timer
S1632939406.807557,VS0,VE116
x-served-by
cache-hhn4038-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://st.chatango.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
tfa-eid.20210923-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame E7CE
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210923-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c22ac6dd3da1db544d1b1974fba41c7994137bfe9f60d954bf18e9bdbda15df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
N6pHNcuS5SkqQtrMiK6m4z7LRld9koQH
content-encoding
gzip
etag
"15c403919facc0c04904410045bddb4d"
age
81
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
Ros84iMKWw7xwXhjFdIfKis+dbTwBZqE2agK+6uiVapMcJvtD7RxJrXMJKZ2LGVPsBVGhEbhacs=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Sep 2021 10:29:37 GMT
server
AmazonS3
x-timer
S1632939406.937570,VS0,VE0
date
Wed, 29 Sep 2021 18:16:45 GMT
vary
Accept-Encoding
x-amz-request-id
H6EG8SZR0723WYT9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
84
x-cache-hits
54
sha256.20210923-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame E7CE
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210923-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92f2023a8479cf95c3d98e383e25751c5cadc9b5412266fbf00ea54c3584c330

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
R5ZQ5zy82cEtVBBY7_yS_gYVFJZNAqij
content-encoding
gzip
etag
"f40d845720f2b8100f52f2d2f0ee143d"
age
67
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
eq/jWdDMUqLmx9mg9vidZbxBHmjcD0QjgSt44Qfv6gZ+Ji64T6qF1vju5Us+jKjDWl/jroe0vWU=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Sep 2021 10:29:52 GMT
server
AmazonS3
x-timer
S1632939406.937658,VS0,VE0
date
Wed, 29 Sep 2021 18:16:45 GMT
vary
Accept-Encoding
x-amz-request-id
PY0T79DGX1BJAN9C
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
84
x-cache-hits
47
userx.20210923-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame E7CE
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210923-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a34977d38ab954500e2d89c81be2e8a19dee4e30492f33da233283859cc197a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
fq8gAyxj6XG1EeKWa3qIBSLZLMrqSqHl
content-encoding
gzip
etag
"e5ed0f5172a4779e9eb854c851710e16"
age
70
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5341
x-amz-id-2
rol+U5XzkdIdGQgselPfEPfWniHYXp5ARmtYRcNiAEAnZBv5rCmf9Cq36IN1N+Xput7Bcd0B5cc=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Sep 2021 10:29:24 GMT
server
AmazonS3
x-timer
S1632939406.951021,VS0,VE0
date
Wed, 29 Sep 2021 18:16:45 GMT
vary
Accept-Encoding
x-amz-request-id
DZREWDC4PJ0T1J91
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
84
x-cache-hits
16
188fa33a4e6d058ef402dd49fe027f48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 29 Sep 2021 18:16:45 GMT
via
1.1 varnish, 1.1 varnish
age
2516192
edge-cache-tag
515138144588733592382270075944674806885,380325472310985793969509634109498380114,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
627
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
content-length
9530
x-request-id
118f959574b263371ea67b7d2e6e3623
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 31 Aug 2021 13:22:31 GMT
server
nginx
x-timer
S1632939406.963895,VS0,VE1
etag
"604706bccf5b1c09ab138c209d45bba3"
x-served-by
cache-wdc5548-WDC, cache-dca17763-DCA, cache-hhn4038-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
188fa33a4e6d058ef402dd49fe027f48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 29 Sep 2021 18:16:45 GMT
via
1.1 varnish, 1.1 varnish
age
2516192
edge-cache-tag
515138144588733592382270075944674806885,380325472310985793969509634109498380114,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
627
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
content-length
9530
x-request-id
118f959574b263371ea67b7d2e6e3623
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 31 Aug 2021 13:22:31 GMT
server
nginx
x-timer
S1632939406.977658,VS0,VE0
etag
"604706bccf5b1c09ab138c209d45bba3"
x-served-by
cache-wdc5548-WDC, cache-dca17763-DCA, cache-hhn4038-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
bulk
trc.taboola.com/chatango-chatango1/log/3/ Frame E7CE
0
252 B
XHR
General
Full URL
https://trc.taboola.com/chatango-chatango1/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://st.chatango.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Wed, 29 Sep 2021 18:16:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1632939407.957434,VS0,VE8
x-served-by
cache-hhn4038-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://st.chatango.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/chatango-chatango1/log/3/ Frame E7CE
0
64 B
XHR
General
Full URL
https://trc.taboola.com/chatango-chatango1/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://st.chatango.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 29 Sep 2021 18:16:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1632939407.959351,VS0,VE9
x-served-by
cache-hhn4038-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://st.chatango.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE
254 B
750 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
9033
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
zqMTRpifsl7n57rrmbauTpy15dj75+/Yr9THvoBu2iu20NuAVBrIbTIB+OLFF3ceJPrHp0hsBJU=
x-served-by
cache-hhn4038-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1632939407.963612,VS0,VE0
date
Wed, 29 Sep 2021 18:16:46 GMT
x-amz-request-id
PDAX0NJ0ZCYB7FMQ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
84
x-cache-hits
1555
cds-pips.js
cdn.taboola.com/scripts/ Frame E7CE
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2979
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qLA+ntpX0xsn1M4H/vpvkV0o8w6UGkVVXckTk0W0F2Kr9YHvQvZKGJImLauo/YXexJMT5LeMdnk=
x-served-by
cache-hhn4038-HHN
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1632939408.936683,VS0,VE0
date
Wed, 29 Sep 2021 18:16:47 GMT
vary
Accept-Encoding
x-amz-request-id
4KMJJDXMWM2DB40W
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
84
x-cache-hits
3757
/
pips.taboola.com/ Frame E7CE
4 B
178 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 18:16:47 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19155-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://st.chatango.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame E7CE
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=55dc2d40-d2e0-4850-aacd-fa609ba74680-tuct84e330d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://st.chatango.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 29 Sep 2021 18:16:48 GMT
Cache-Control
no-store
Server
nginx
Connection
close
message_received.mp3
st.chatango.com/pcache/sounds/ Frame E7CE
4 KB
4 KB
Media
General
Full URL
https://st.chatango.com/pcache/sounds/message_received.mp3?1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software
nginx /
Resource Hash
1ff3e9a39d7c0b422cd1a275c2292f55effdde5f3d648369634ad121bfb81b2b

Request headers

Referer
https://st.chatango.com/h5/gz/r0817211056/id.html
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 29 Sep 2021 18:16:48 GMT
Last-Modified
Tue, 17 Aug 2021 18:00:49 GMT
Server
nginx
Content-Type
audio/mpeg
Content-Range
bytes 0-3583/3584
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
3584
Expires
Thu, 29 Sep 2022 18:16:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.hesgoal.com
URL
http://www.hesgoal.com/templates/lol/style3.css
Domain
code.jquery.com
URL
http://code.jquery.com/jquery-1.6.2.js
Domain
code.jquery.com
URL
http://code.jquery.com/jquery-latest.min.js

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster function| geoip object| block number| b string| siteurl object| cookieconsent_options boolean| hasCookieConsent object| name6now object| _Hasync object| __twttrll object| twttr object| __twttr function| chfh function| chfh2 string| _HST_cntval object| Histats object| _mgIntExchangeNews object| AdskeeperInfC994688 function| AdskeeperCContextBlock994688 function| AdskeeperCMainBlock994688 function| AdskeeperCInternalExchangeBlock994688 function| AdskeeperCColorBlock994688 function| AdskeeperCRejectBlock994688 function| AdskeeperCInternalExchangeLoggerBlock994688 function| AdskeeperCObserverBlock994688 function| AdskeeperCSendDimensionsBlock994688 function| AdskeeperCAntifraudStatisticsBlock994688 function| AdskeeperCRtbBlock994688 function| AdskeeperCContentPreviewBlock994688 function| AdskeeperCGradientBlock994688 function| AdskeeperCResponsiveBlock994688 boolean| mg_loaded_288223_994688 object| onClickExcludes function| mgReject994688 function| mgLoadAds994688_13433 function| AdskeeperCReject994688 function| AdskeeperLoadGoods994688_13433 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint288223 string| _mgPvid object| _HistatsCounterGraphics_0_setValues boolean| _mgPageView288223 object| a object| cv object| Tynt object| _dtspv boolean| i.js.loaded boolean| i-noref.js.loaded object| __connect object| _33Across function| __uspapi object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_d function| lt3825_e function| lt3825_da function| lt3825_ea object| lt3825_fa object| lt3825_ object| lt3825_4 function| lt3825_aa function| lt3825_a function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_l function| lt3825_ga function| lt3825_k function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_ha function| lt3825_ia function| lt3825_w function| lt3825_ja function| lt3825_x function| lt3825_y function| lt3825_v function| lt3825_z function| lt3825_A function| lt3825_B function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_L function| lt3825_M function| lt3825_N function| lt3825_K function| lt3825_ka function| lt3825_la function| lt3825_P function| lt3825_O function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_ma function| lt3825_na function| lt3825_oa function| lt3825_pa function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_qa function| lt3825_sa function| lt3825_ra function| lt3825_X function| lt3825_ta function| lt3825_ua function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_ya function| lt3825_0 function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_1 function| lt3825_Da function| lt3825_Ca function| lt3825_Ea function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_2 function| lt3825_3 function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_5 function| lt3825_6 function| lt3825_Ta function| lt3825_Ua function| lt3825_Sa function| lt3825_Ra function| lt3825_Wa function| lt3825_Va function| lt3825_Ya function| lt3825_Xa function| lt3825_7 function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_4a function| lt3825_7a function| lt3825_6a function| lt3825_3a function| lt3825_9a function| lt3825_5a function| lt3825_8a function| lt3825_ab function| lt3825_$a function| lt3825_bb function| lt3825_8 function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_$ function| lt3825_jb function| lt3825_lb function| lt3825_9 object| closure_lm_905886 object| _mgwcapping boolean| _mgPageImp288223 function| update_cookieconsent_options

70 Cookies

Domain/Path Name / Value
www.hesgoal.com/ Name: PHPSESSID
Value: pct2m1gjmtqnl0q0n73hfu34a1
www.hesgoal.com/ Name: HstCfa3907345
Value: 1632939402035
www.hesgoal.com/ Name: HstCla3907345
Value: 1632939402035
www.hesgoal.com/ Name: HstCmu3907345
Value: 1632939402035
www.hesgoal.com/ Name: HstPn3907345
Value: 1
www.hesgoal.com/ Name: HstPt3907345
Value: 1
www.hesgoal.com/ Name: HstCnv3907345
Value: 1
www.hesgoal.com/ Name: HstCns3907345
Value: 1
www.hesgoal.com/ Name: szm_log_id68
Value: YRpDCAVDW0MCVVNWAFEABAQFBFEDWVADQxxp
.adskeeper.com/ Name: muidn
Value: l8tGFdzdUggb
servicer.adskeeper.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
www.hesgoal.com/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C994688%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632939402648%7D%7D
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1632939402
.dtscout.com/ Name: l
Value: 6D001632939402D0DE01155F7B2FCA6B
.hesgoal.com/ Name: __dtsu
Value: 6D001632939402D0DE01155F7B2FCA6B
.hesgoal.com/ Name: lotame_domain_check
Value: hesgoal.com
.onaudience.com/ Name: cookie
Value: 25bc434ffda60366
.onaudience.com/ Name: done_redirects219
Value: 1
.dtscdn.com/ Name: uid
Value: 6D001632939402D0DE01155F7B2FCA6B
.zeotap.com/ Name: zc
Value: edad4164-976c-4c64-5a9c-6d0b98402f13
.zeotap.com/ Name: zsc
Value: Yu+s%A3%B5-%C6o%8C%2A%F0%15%DCt8c%C5%B0c%E5%26w%19%E3y%FD%A0z%9C%D2%DC-i%27%B0%0D3%86%AD%D1I%D5n%AE%27%F7%BE%BD2%1A%B8%EF%AB%A7%17%23MTGq%08k%07%D5%D9-Sp%E8%B9%8C%10%DF%0D%AB%27%08%0E%C5%BA%7Bt
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.scorecardresearch.com/ Name: UID
Value: 1USPON6C8W3V6FNI2LLSFPg1632939404
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d397f98759b469b5ac68e9b79e5ac48
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
.hesgoal.com/ Name: _cc_id
Value: d397f98759b469b5ac68e9b79e5ac48
.hesgoal.com/ Name: _cc_cc
Value: ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D
.hesgoal.com/ Name: _cc_aud
Value: ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc
.hesgoal.com/ Name: panoramaId_expiry
Value: 1633544204110
.hesgoal.com/ Name: panoramaId
Value: 14efb0d68e4ee9556b8971790e7d4945a702f499e0a749190b48ccdf3b478fc0
.exelator.com/ Name: EE
Value: "0e9954838d590cc1e793fc79e7f71378"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEg1dLS1MTC2CLF1NIgOdkw1dzSOC3Z3DLVPM3c0NjcYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F75NMBgBY0ik7"
.id5-sync.com/ Name: id5
Value: 132eee7e-1f72-424a-80fa-4a9bb62afc39#1632939400507#2
.tapad.com/ Name: TapAd_TS
Value: 1632939404288
.tapad.com/ Name: TapAd_DID
Value: 0fae4663-9701-4758-be3b-7a70469e530c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.krxd.net/ Name: _kuid_
Value: OZDE1gBM
.demdex.net/ Name: demdex
Value: 69554753551921484420374101805203095274
.eyeota.net/ Name: mako_uid
Value: 17c32c5ec6a-660000010f4900
.eyeota.net/ Name: SERVERID
Value: 18688~DM
.dpm.demdex.net/ Name: dpm
Value: 69554753551921484420374101805203095274
.mathtag.com/ Name: uuid
Value: bdca6154-ad8c-4f00-bfe0-dbb257c72a08
ads.avct.cloud/ Name: uuid
Value: 26063f5f-5840-4fd1-8dce-134c9657d121
.adnxs.com/ Name: uuid2
Value: 3867230706839292309
.tidaltv.com/ Name: tidal_ttid
Value: 9be4ef42-102e-490b-b89c-c8edd8146faf
.turn.com/ Name: uid
Value: 3959275450501156904
.sitescout.com/ Name: ssi
Value: 1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7#1632939404506
.id5-sync.com/ Name: 3pi
Value: 224#1632939400771#-218242696|321#1632939400737#-1897356074|19#1632939400520#-2046754217#d397f98759b469b5ac68e9b79e5ac48|398#1632939400771#-1943652784
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srA0sDI0NAAAlTHIWwkAAAA="
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjMyOTM5NDA0NTQ5fQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVStjAAFUzV3CAA6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a.GjDU3DcbgAKQcfQ%2FtcVUn52CHn18xnMg0cALv%2Bg7%2FnQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a%24ip%24216.131.114.18.Cthoe5ynHJte%2F9tr7ud0Akas66rgDh2LZhdIwlVq%2BRE
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 5nbqcwhcvk24acclaxzhqrot
st.chatango.com/ Name: session_id
Value: 3382499208805272
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: qmoxfz2rvlwcbh0j1h00vib4
.ib.mookie1.com/ Name: ibkukiuno
Value: s=569846e8-718d-4721-8b33-307d0d77e4f6&h=&v=8742079031&l=-8585686674834261396&op=&hl=0&vlu=3&tcs=1&dcc=-8585686674834261396
.ib.mookie1.com/ Name: ibkukinet
Value: 3632493074=-8585686674834261396

59 Console Messages

Source Level URL
Text
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/(Line 2)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.hesgoal.com/(Line 42)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.hesgoal.com/templates/lol/style3.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-1.6.2.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-latest.min.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.hesgoal.com/(Line 123)
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.hesgoal.com/search.php'. This endpoint should be made available over a secure connection.
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.hesgoal.com/
Message:
Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://st.chatango.com/h5/gz/r0817211056/id.html(Line 4)
Message:
The key "target-densitydpi" is not supported.
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.dtssrv.com
ads.avct.cloud
ads.avocet.io
bcp.crwdcntrl.net
beacon.krxd.net
c.adskeeper.com
c.cintnetworks.com
cdn.adskeeper.co.uk
cdn.taboola.com
cdn.tynt.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adskeeper.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
e.dtscout.com
get.geojs.io
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
images.taboola.com
jsc.adskeeper.com
loadm.exelator.com
m.huerty.live
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
platform.twitter.com
ps.eyeota.net
s-img.adskeeper.com
s10.histats.com
s4.histats.com
sb.scorecardresearch.com
secure.adnxs.com
servicer.adskeeper.com
spl.zeotap.com
st.chatango.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.tidaltv.com
syndication.twitter.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
upload.wikimedia.org
ust.chatango.com
www.google-analytics.com
www.hesgoal.com
code.jquery.com
www.hesgoal.com
104.111.215.191
104.16.19.94
104.16.92.60
104.18.16.65
104.18.17.65
104.18.28.199
104.19.134.80
104.244.42.200
104.26.0.100
13.225.87.101
13.225.87.108
13.225.87.63
13.225.87.75
13.225.87.81
13.248.242.197
141.226.224.32
141.95.34.104
142.250.181.226
142.250.185.225
142.250.185.78
151.101.130.49
151.101.193.44
151.101.65.44
167.114.209.61
172.67.13.182
172.67.220.51
18.195.98.10
18.198.69.109
185.156.202.211
185.29.132.241
198.27.80.143
208.100.17.183
208.100.17.190
208.93.230.22
216.46.185.182
216.46.185.184
3.122.214.165
3.228.133.61
34.253.137.48
35.227.248.159
37.252.172.38
45.55.96.63
46.105.201.240
46.228.164.13
5.182.209.23
51.144.7.192
51.222.80.231
52.208.138.90
52.211.234.106
52.214.235.66
52.214.44.171
52.30.140.199
66.155.71.25
69.173.144.165
91.198.174.208
93.184.220.66
0197913b1c33f10c2ceb13c0702bfcd15638b458c3ef26a84f29ff646a8e42d2
0222608801301cf9e7a5e78a9e6645318b98156857f0fdd3666c6ed46036f3c2
03504b510d0a289c3cf9aa389bf60edb1b19785eed0f8d41dbd19355c55ad6f7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
11048c3be88262e2cf43c9144ea5272dde3369f954f705d4eea26aa4b33d96e6
11e47e3f46e571aaf1ac77329cbd60847f6c8057068fb0f97bfd1ca5ef59bb79
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1a34977d38ab954500e2d89c81be2e8a19dee4e30492f33da233283859cc197a
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7
1f1cbc94de77db002ad23121c7baf05a826b7233c7432753a1fc696d5782d2d6
1ff3e9a39d7c0b422cd1a275c2292f55effdde5f3d648369634ad121bfb81b2b
242a75ba54f0b62ab4e7f78a503df8b6f1d475bc7a246ffa5dc7981a315bad04
29837203efe096a89bbaf504ee7ba517fbde6567fd80cc90a257e42886d7d54f
29e28dc9767fd91b19b86e6cf9db100cfd0c0ef8ab36337fe98794fd41d17bcb
2c91b0e6f34ac9ba15363622392e08daed9ae565ff18d92ceac3eb94edb0f1cb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d2f50274e7b3aec5963f044253b2e5ec72f77c307610362dd94b266aabe11ef
3dd384ba5379d14c2803ff711a3f4869d29ef29566cdd5141c41f9e4dbd509ee
3e2c9ee8c65fe5cba61424da8a143be0e4c50d80d2758a1464e1cc9255df97b1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3fe7f4a2d9e68e6d3ea3665ffa83df459dbb4bc64562c510fa7324301b2447b0
411967072c021b1a4671c42b781142b19ac8e2da9bbb551ca188fc87202df93a
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4ea647e1d512a7f4b4e9e72fc9fe7f823836f9c52eb974823a9c16731ec0ed4b
4ebfe7bf8564d707f3ce257dfa899381e29627e5e2a941b606546cf1e3787c10
5d1129f473527dce92086e246848c28a08b5b182042a533ae717bb8d5358a254
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
695cb99e9e3942a92d95f65aa792db534ac5594e20bafad3137fd332fe26af9d
6b387b1ce511eb9e24efb3cbb349a11db51da1e3828b065a4f7954893a0fc680
6b3e048ef33a432b755395dbf54f027723c7624aa5ea1eec18b8b778e62c3520
6ba080cb87210455600d30f6cbb946d407474b06b89d3a50f297ff1747e2c37c
702f1e6aca82f2b576d881b27d7f6d230aba208e4209e2edaaf4c4d2f94ded40
718e169411e938c6ccca40681574efaf03da136dfef6332174652485368e78bb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
738819381485d1be56e646985b53c057ad49e45e310ad0fda6f22434f77402d3
77db8e3a0c1157eb4946f816fee2f1bccd44fd03a8098618b15b470cb610e0c1
7bbd228ebb7a313c02f48fee3f8398ddaf2df196477f3e245abef62c6c0dd6a9
7c2dbcb92e66fe8b66c124b8f21dcc8a1d67d7d573e38cd2e86e2ecd6fddb599
7cc009f23b6e5199632a4df96cc8f69c6de6f9eaa4079c83e759516695ef8c82
7cd0e977de74caad61054e8991c774c3bfc8342704ba9b80c9fa1035d946f4db
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80b8f8fd882bf4183eed3bb9d74311f820cf16057833a928d09ba1613188b987
826a820fd1c9ee09e48db0ca5ec0b54cdf311786c9e6a23783b9968a506b7111
83147d4b02fdda83728e35c64a246133da2171d543343efbbc10a0717639074c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b
8ba0b29fd70cf1a0f96de43957319df4d6490c9d796d560f0fb60504dadf2158
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d876054904ddf1100888777d73a57cd36f3b51a83fbd75774bfdf7339fe2209
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9184949092862871ea4a0638f963edc72ade0428d4df177f6597412e3345c68b
919f0d5d2f1a61109be1d457ec197149f7fa4ce56ae130732a9877509575bba9
92f2023a8479cf95c3d98e383e25751c5cadc9b5412266fbf00ea54c3584c330
9654d9b53441b6a76ea9caa18eb89e2f91c9935f306fb4590c8896e8b3efe9ef
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9c22ac6dd3da1db544d1b1974fba41c7994137bfe9f60d954bf18e9bdbda15df
9c5681c33c41690b895e5bb0b7d7e748fa3252852f94c1112ff03b837f3ee36f
9cdac6ebed7b54bbee2bcdd18f9aec4ee761e0bf4b6c2d87a8ff31d45c67f6cd
9d38a00c79a9c87d78d7dfe4dcd21f67fcc933e72db56702f9201e6b6834a391
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557
a12e522508f84829d98353fbca78badae6da34aa5cdcb387bdffe5679de6317f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a73a2f96c9c3c66bad7f0974859a398b16d81c2023e797eec43e537bfc9a9670
a8558243788f0dc91ae04cfbfcb192804bb5c08a247e6707053944046c0936c2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac908d1b13e23604cb93d6183b386c4cfc3ae8c07aa6ca77debe9ddf975393cd
b04d3cfa9b28e61adce17e6779f4b7f3dcfca34000d7b88bb85734a465c4100f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b87d0c1195e80246d9b4386e8b60bd43862497c45099baf093d23f86b96a5452
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c051f20e397bda903dda0cdd3e3af421ea67923f737697b50868b0f7f2627378
c48220cc9ef4604a3d8f7484a5c7c35a55d06f34f898f52de85d64fff9f8282c
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd
c61a68b4338345f13141b316e626d72cc2327b091b34c5b44b412abe45de7561
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7ad40b7c0215a36e2adbecc2c9813b1eeae285a314724a5b540efe0f785cf54
c7ee651e00a56adb1e06aca0aab62e0aeb66cc4594592c7ac1344f81b3fea1b6
c8164a629b41019e218dc4afdb572fdb310e3e85ea1215b3fbdda1d2e56d81b7
cd5269f06e0db0b8c23c34a32815e4ef9e6349d93fd6943b60542d2e24a411f2
d008867b9024617b5233a0aab38ec158a60400b60afcfbb1a2d793557f955296
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d27f53bbfc004b239b92ee8d8e8493293f5790ade1237ca74a82d76bb74e44de
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e
d5a4397698a3fa51e1dded6959e1b16e6bc1e89b28c949f3f0313ace1a3b5a97
d6002ac80e0b2185318aec97b4cc5a53e63eb72af9de04251817458f07a1599c
d6de45b23e6b655fe6074a5217e43ce195490faa5dc458706d3ddf188c3ec6b4
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d9d29be0489fcf2b400b25f7a16ba7bae84b4a3ce7c2ccf6a31cce4f5e64235c
daf5aa10f48006b8b318edc196b852ed356f9a9dadf14447568876ad7bea17e6
dbc8af2a2b9ce5900394f7b3cc31975e54cbedd7e83e8a654ccaf62aaa79edb9
dbd7750c69d1dda28b5a18ac3d2b66324ef8e35ed8150f79d5b617afaa64cdb6
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
e23f3a6e99524b4a3c64675a721185d366fb02194726b75cc0c9ed896fef81df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7fc01edc455bd8c043bdf74dd4395c08a6f4465023ef2d54214914c055f4f6
ef71ad0e3206edc6bf524507d43c65f6f68a1cb02638fb074849af78fd500d70
ef92a8dd084f1681d883112395918d6db6cd497318f0c9265bc953f3de0478bc
f2d6214b8f28883772525a47935d20435da481d26e99abbcddfe3766f49601a0
f369c41399a02489b8db3d2712c86082949847a670b059367b9deb6d1f87a1d4
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6943106e4ec38d43fcb1b7616e34417aceb78763846c1c32e11589649c437f5
f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62