www.hesgoal.com Open in urlscan Pro
5.182.209.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hesgoal.com/
Effective URL:
https://www.hesgoal.com/
Submission: On September 29 via manual (September 29th 2021, 6:16:50 pm UTC) from CA — Scanned from DE

Summary HTTP 157 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 48 domains to perform 157 HTTP transactions. The main IP is 5.182.209.23, located in Amsterdam, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is www.hesgoal.com.
TLS certificate: Issued by localhost on November 16th 2020. Valid for: 27 years.

This is the only time www.hesgoal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.182.209.23 5.182.209.23	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
1	104.26.0.100 104.26.0.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
22	208.93.230.22 208.93.230.22	29893 (CHATANGO) (CHATANGO)
10	104.18.16.65 104.18.16.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	91.198.174.208 91.198.174.208	14907 (WIKIMEDIA) (WIKIMEDIA)
2	185.156.202.211 185.156.202.211	56388 (AMBER-AS ...) (AMBER-AS ---CLIENTS---)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	104.19.134.80 104.19.134.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.114.209.61 167.114.209.61	16276 (OVH) (OVH)
4	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.87.81 13.225.87.81	16509 (AMAZON-02) (AMAZON-02)
1	18.195.98.10 18.195.98.10	16509 (AMAZON-02) (AMAZON-02)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.87.75 13.225.87.75	16509 (AMAZON-02) (AMAZON-02)
7	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
1	13.225.87.108 13.225.87.108	16509 (AMAZON-02) (AMAZON-02)
3	13.225.87.101 13.225.87.101	16509 (AMAZON-02) (AMAZON-02)
1	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 2	172.67.13.182 172.67.13.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	208.100.17.183 208.100.17.183	32748 (STEADFAST) (STEADFAST)
13	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 3	13.225.87.63 13.225.87.63	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2 14	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1	172.67.220.51 172.67.220.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	141.95.34.104 141.95.34.104	16276 (OVH) (OVH)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
3 3	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.44.171 52.214.44.171	16509 (AMAZON-02) (AMAZON-02)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.211.234.106 52.211.234.106	16509 (AMAZON-02) (AMAZON-02)
1 1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1	216.46.185.184 216.46.185.184	13649 (ASN-VINS) (ASN-VINS)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.253.137.48 34.253.137.48	16509 (AMAZON-02) (AMAZON-02)
2 3	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	() ()
157	44

1 5.182.209.23 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: server2786.web11.nl

www.hesgoal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.0.100 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 208.93.230.22 (United States)

ASN29893 (CHATANGO, US)

st.chatango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ust.chatango.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.16.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.198.174.208 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.156.202.211 (Belize)

ASN56388 (AMBER-AS ---CLIENTS---, BZ)

m.huerty.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.114.209.61 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns515688.ip-167-114-209.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-81.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.98.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-75.fra2.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.190 (United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-108.fra2.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-101.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.13.182 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.183 (United States)

ASN32748 (STEADFAST, US)
PTR: ip183.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.63 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-63.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.220.51 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.34.104 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.60 (None, )

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.235.66 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.44.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.234.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-234-106.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.184 (United States)

ASN13649 (ASN-VINS, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.137.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-137-48.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.214.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com 2.bp.blogspot.com	668 KB
22	chatango.com st.chatango.com ust.chatango.com	281 KB
17	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
15	taboola.com cdn.taboola.com trc.taboola.com images.taboola.com pips.taboola.com cds.taboola.com	175 KB
14	adskeeper.com jsc.adskeeper.com c.adskeeper.com servicer.adskeeper.com s-img.adskeeper.com cm.adskeeper.com	134 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	6 KB
8	wikimedia.org upload.wikimedia.org	356 KB
6	twitter.com platform.twitter.com syndication.twitter.com	150 KB
5	doubleclick.net 3 redirects cm.g.doubleclick.net	1 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
3	eyeota.net 2 redirects ps.eyeota.net	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	bluekai.com 1 redirects tags.bluekai.com	928 B
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com e.dtscout.com t.dtscout.com	10 KB
3	cloudflare.com cdnjs.cloudflare.com	7 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	615 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	tidaltv.com 2 redirects sync.tidaltv.com	686 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 2 redirects pixel.tapad.com	920 B
2	turn.com 2 redirects d.turn.com	855 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	886 B
2	histats.com s10.histats.com s4.histats.com	5 KB
2	huerty.live m.huerty.live	56 KB
1	rubiconproject.com token.rubiconproject.com	214 B
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	628 B
1	ml314.com ml314.com	422 B
1	mookie1.com ib.mookie1.com	991 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	511 B
1	krxd.net beacon.krxd.net	338 B
1	cintnetworks.com c.cintnetworks.com	328 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	truoptik.com dmp.truoptik.com
1	adsrvr.org match.adsrvr.org	265 B
1	dtssrv.com a.dtssrv.com	560 B
1	google-analytics.com www.google-analytics.com	20 KB
1	onaudience.com 1 redirects pixel.onaudience.com	400 B
1	dtscdn.com t.dtscdn.com	407 B
1	sharethis.com pd.sharethis.com	88 B
1	adskeeper.co.uk cdn.adskeeper.co.uk	2 KB
1	geojs.io get.geojs.io	1011 B
1	hesgoal.com www.hesgoal.com	13 KB
0	jquery.com Failed code.jquery.com Failed
157	48

	Domain	Requested by
16	ust.chatango.com	st.chatango.com
9	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
9	1.bp.blogspot.com	www.hesgoal.com
8	3.bp.blogspot.com	www.hesgoal.com
8	upload.wikimedia.org	www.hesgoal.com
7	cdn.taboola.com	st.chatango.com cdn.taboola.com
7	ic.tynt.com	www.hesgoal.com
7	4.bp.blogspot.com	www.hesgoal.com
6	st.chatango.com	www.hesgoal.com st.chatango.com
5	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
5	cm.g.doubleclick.net	3 redirects bcp.crwdcntrl.net
5	c.adskeeper.com	jsc.adskeeper.com www.hesgoal.com
5	2.bp.blogspot.com	www.hesgoal.com
4	trc.taboola.com	bcp.crwdcntrl.net cdn.taboola.com
4	id5-sync.com	4 redirects
4	s-img.adskeeper.com	www.hesgoal.com
4	platform.twitter.com	www.hesgoal.com platform.twitter.com
3	ps.eyeota.net	2 redirects bcp.crwdcntrl.net
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com st.chatango.com
3	tags.bluekai.com	1 redirects www.hesgoal.com bcp.crwdcntrl.net
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	cdnjs.cloudflare.com	www.hesgoal.com cdnjs.cloudflare.com
2	images.taboola.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.avct.cloud	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	d.turn.com	2 redirects
2	cm.adskeeper.com	jsc.adskeeper.com
2	t.dtscout.com	e.dtscout.com
2	syndication.twitter.com	platform.twitter.com www.hesgoal.com
2	m.huerty.live	www.hesgoal.com
2	jsc.adskeeper.com	www.hesgoal.com jsc.adskeeper.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ml314.com	bcp.crwdcntrl.net
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	a.dtssrv.com	e.dtscout.com
1	www.google-analytics.com	st.chatango.com
1	de.tynt.com	cdn.tynt.com
1	mwzeom.zeotap.com	www.hesgoal.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	servicer.adskeeper.com	jsc.adskeeper.com
1	e.dtscout.com	s4.histats.com
1	cdn.adskeeper.co.uk	www.hesgoal.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	www.hesgoal.com
1	get.geojs.io	www.hesgoal.com
1	www.hesgoal.com	www.hesgoal.com
0	code.jquery.com Failed	www.hesgoal.com
157	70

This site contains links to these domains. Also see Links.

Domain
silktide.com
twitter.com
widgets.adskeeper.com
www.adskeeper.com

Subject Issuer	Validity	Valid
localhost localhost	`2020-11-16` - `2048-04-02`	27 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.chatango.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-07` - `2022-07-06`	2 years	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2020-11-09` - `2021-11-16`	a year	crt.sh
huerty.live R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2020-10-19` - `2021-11-20`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.cintnetworks.com DigiCert SHA2 Secure Server CA	`2020-09-21` - `2021-10-23`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.hesgoal.com/
Frame ID: 7B11E8B9D89500A737DA67757BC7CC3B
Requests: 88 HTTP requests in this frame

Frame: https://m.huerty.live/
Frame ID: 5CBF8C79E88224DCDB0CD865CE180CBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com
Frame ID: 62F2EDEA9C8C43F9D0F30B520764EA04
Requests: 2 HTTP requests in this frame

Frame: https://m.huerty.live/
Frame ID: 79115958631F31E8DC8E8B46748DEF87
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Frame ID: 5E21F6EE2B5DF1C55FE80C57EC215647
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001632939402D0DE01155F7B2FCA6B
Frame ID: 719074236C37A5F1B82DBACF5FE19267
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1632939402696771501076
Frame ID: 9228CD14D644911AD7E97B177C191A90
Requests: 1 HTTP requests in this frame

Frame: https://st.chatango.com/h5/gz/r0817211056/id.html
Frame ID: E7CEEABCF7286DA3C1821F74BAF1AE3F
Requests: 37 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: A36BC750E3B9CE3D4E4C825C32CEE4C7
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 139F691DA4218DEBD8986D1F9CCED723
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HesGoal.Com Sports News

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

157
Requests

97 %
HTTPS

0 %
IPv6

48
Domains

70
Subdomains

44
IPs

9
Countries

1923 kB
Transfer

3554 kB
Size

70
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://twitter.com/hesgoalme
Title: Twitter

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=994688

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193502/i/57330416/2/pp/1/1?h=o6TJbXlb0rW4BK4xgEYYMeOQB9-TiaeqjwVQJznLr_pcpmTSoGvdzG8vpUB746v4&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164884/i/57330416/2/pp/2/1?h=o6TJbXlb0rW4BK4xgEYYMaRw76mHjAF_AsTDqgR87EmC9eIi23Vzc8eVLogz3w0y&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164865/i/57330416/2/pp/3/1?h=o6TJbXlb0rW4BK4xgEYYMcGDAPwy_8Vpuuziswk25wL-6TdPfmS4NzXpnOlkt7xK&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164883/i/57330416/2/pp/4/1?h=o6TJbXlb0rW4BK4xgEYYMfAapqLRAfeFAmE3N--PNGLlVRwnIkmYmUjaloFqsV-G&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://pixel.onaudience.com/?partner=137085098&mapped=6D001632939402D0DE01155F7B2FCA6B HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=25bc434ffda60366 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15

Request Chain 91

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F

Request Chain 103

https://id5-sync.com/s/19/9.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=3959275450501156904&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA

Request Chain 106

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c

Request Chain 108

https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1

Request Chain 109

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121

Request Chain 110

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274

Request Chain 113

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48

Request Chain 115

https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18

Request Chain 116

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=

Request Chain 117

https://ps.eyeota.net/match?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlFxaWhwSjZJNWtpdEFPZVRtWS1EODNObjJNR2pWVDlZNzJPSjc2d3ByMHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15

Request Chain 118

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08

Request Chain 119

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVStjAAFUzV3CAA6 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6

Request Chain 124

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d397f98759b469b5ac68e9b79e5ac48/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968

Request Chain 125

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=39441056%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D39441056%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS

157 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.hesgoal.com/ 54 KB
13 KB 65ms
24ms Document
text/html 5.182.209.23
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.182.209.23 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server2786.web11.nl
Software: Apache/2 / PHP/5.6.40
Resource Hash: d008867b9024617b5233a0aab38ec158a60400b60afcfbb1a2d793557f955296

Request headers

:method: GET
:authority: www.hesgoal.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 29 Sep 2021 18:16:41 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=pct2m1gjmtqnl0q0n73hfu34a1; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12756
content-type: text/html; charset=UTF-8

GET
H2 200 geo.js Show response
get.geojs.io/v1/ip/ 342 B
1011 B 114ms
55ms Script
application/javascript 104.26.0.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.js

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a4397698a3fa51e1dded6959e1b16e6bc1e89b28c949f3f0313ace1a3b5a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 1dcf79f423834c4256dcb9277df3056e-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIrqQYOQ2B2jIC31c4x547s9f6g1WPuhw4WlVXHYpI9SPB1TEMOT4zBCo1%2B4bSCQWUsjkKNvl8XH1iwuOdqKgLENM53ZRo72u%2FA6g%2BcTtdrSUb2PZMs3hbmwottM8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 6967343e4d772788-PRG

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 4 KB
2 KB 35ms
14ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1439658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1618
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-11d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3536tBLmw8tRCQdxPwI%2BxzBcDiONKXUvBBSmh33LPPG8BKsT652TkVZA02DXSSBFoPBItn0XioKKFjpJM33HE6oQCOfhc41r1EthGrEIMg6g%2FRl4jIYBfTbI8%2FzbdR2dhMRpjGDr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6967343e0fe15b7a-FRA
expires: Mon, 19 Sep 2022 18:16:41 GMT

GET
H2 200 HOME_m.jpg
1.bp.blogspot.com/-edGffEd258I/YJ-zGOCY-yI/AAAAAAAABgQ/i4RwrvaavtwL2JAd93kbOTIX3yTPBma3wCLcBGAsYHQ/s0/ 2 KB
3 KB 32ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-edGffEd258I/YJ-zGOCY-yI/AAAAAAAABgQ/i4RwrvaavtwL2JAd93kbOTIX3yTPBma3wCLcBGAsYHQ/s0/HOME_m.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

a8558243788f0dc91ae04cfbfcb192804bb5c08a247e6707053944046c0936c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:50:07 GMT
x-content-type-options: nosniff
age: 5194
content-disposition: inline;filename="HOME_m.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2350
x-xss-protection: 0
server: fife
etag: "v60a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 12:20:08 GMT

GET
H2 200 BALL_m.jpg
1.bp.blogspot.com/-jqLVfmI_j3E/YJ-zF_yj9tI/AAAAAAAABgI/DVz_DVq_DewdWi3JmAw_0WHo_pNztym8gCLcBGAsYHQ/s0/ 2 KB
2 KB 33ms
9ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jqLVfmI_j3E/YJ-zF_yj9tI/AAAAAAAABgI/DVz_DVq_DewdWi3JmAw_0WHo_pNztym8gCLcBGAsYHQ/s0/BALL_m.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

1f1cbc94de77db002ad23121c7baf05a826b7233c7432753a1fc696d5782d2d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 15:16:12 GMT
x-content-type-options: nosniff
age: 10829
content-disposition: inline;filename="BALL_m.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2122
x-xss-protection: 0
server: fife
etag: "v608"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 17:35:38 GMT

GET
H2 200 RACEFLAG2.jpg
1.bp.blogspot.com/-8_Bz70I9EHs/YJ-zGF7_G7I/AAAAAAAABgM/ULWODzthBC0grofs-lD4df2OPcBexRIYgCLcBGAsYHQ/s0/ 5 KB
5 KB 32ms
8ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-8_Bz70I9EHs/YJ-zGF7_G7I/AAAAAAAABgM/ULWODzthBC0grofs-lD4df2OPcBexRIYgCLcBGAsYHQ/s0/RACEFLAG2.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

3e2c9ee8c65fe5cba61424da8a143be0e4c50d80d2758a1464e1cc9255df97b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:58:05 GMT
x-content-type-options: nosniff
age: 11916
content-disposition: inline;filename="RACEFLAG2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5356
x-xss-protection: 0
server: fife
etag: "v60a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 22:12:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 98
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28872
x-tw-cdn: VZ
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67C1)
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK emb.js Show response
st.chatango.com/js/gz/ 68 KB
24 KB 1301ms
324ms Script
application/x-javascript 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/js/gz/emb.js
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 29837203efe096a89bbaf504ee7ba517fbde6567fd80cc90a257e42886d7d54f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 18:00:48 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23775
Expires: Wed, 29 Sep 2021 18:16:42 GMT

GET
H2 200 hesgoal.com.994688.js Show response
jsc.adskeeper.com/h/e/ 2 KB
1 KB 50ms
15ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.js
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebfe7bf8564d707f3ce257dfa899381e29627e5e2a941b606546cf1e3787c10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4989
cf-ray: 6967343e2b2f4eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 740
x-amz-id-2: DvyQ9ItscSG4CCqERzKchs/ZDc//F/YHcy/j5GevRQsMPw1jQwS2RAx2SNwJAozDhSw0kacZutQ=
last-modified: Wed, 08 Sep 2021 05:45:35 GMT
server: cloudflare
etag: "2f5fc0217833fcc27fc63319b5cf9f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 47A7TDJWT3P2ZCKA
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 29 Sep 2021 22:16:41 GMT

GET
H2 200 UEFA_Champions_League_Logo_2021.png
upload.wikimedia.org/wikipedia/fr/9/9b/ 28 KB
30 KB 57ms
24ms Image
image/png 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/fr/9/9b/UEFA_Champions_League_Logo_2021.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

dbd7750c69d1dda28b5a18ac3d2b66324ef8e35ed8150f79d5b617afaa64cdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 06:35:48 GMT
x-content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 42053
x-cache-status: hit-front
content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache: cp3061 hit, cp3057 hit/16167
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 29108
x-client-ip: 216.131.114.18
x-object-meta-sha1base36: o9hrxe4z9vyina5zcd3t7uki2a0lm5t
last-modified: Wed, 19 May 2021 10:08:53 GMT
server: ATS/8.0.8
etag: 415d0ab5edfa2e246662431727e2d811
x-webkit-csp-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1621418932.46040
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 20170618020317%21UAE_Arabian_Gulf_League_Logo.png
upload.wikimedia.org/wikipedia/ar/archive/8/8c/ 25 KB
25 KB 60ms
28ms Image
image/png 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/ar/archive/8/8c/20170618020317%21UAE_Arabian_Gulf_League_Logo.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

c7ad40b7c0215a36e2adbecc2c9813b1eeae285a314724a5b540efe0f785cf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 10:59:40 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 26221
x-cache-status: hit-front
x-cache: cp3063 hit, cp3057 hit/16861
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 25348
x-client-ip: 216.131.114.18
x-object-meta-sha1base36: la1ndpwdh5ovmam3mpqn2bt2lesbhlj
last-modified: Sun, 18 Jun 2017 02:03:19 GMT
server: ATS/8.0.8
etag: 18ebb4b0a2a246bcd6e16d6934997038
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1497751398.55202
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 1200px-Superettan_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/b/bc/Superettan_logo.svg/ 164 KB
164 KB 65ms
32ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/b/bc/Superettan_logo.svg/1200px-Superettan_logo.svg.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

d9d29be0489fcf2b400b25f7a16ba7bae84b4a3ce7c2ccf6a31cce4f5e64235c

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:05:03 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 7898
x-cache-status: hit-front
x-cache: cp3065 hit, cp3057 hit/12193
content-disposition: inline;filename*=UTF-8''Superettan_logo.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 167886
x-client-ip: 216.131.114.18
last-modified: Thu, 16 Sep 2021 16:24:31 GMT
server: ATS/8.0.8
etag: b35f3a857fbdc2b7642637811af66032
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1631809470.57702
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 1200px-Eliteserien_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/5/50/Eliteserien_logo.svg/ 34 KB
34 KB 34ms
32ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/5/50/Eliteserien_logo.svg/1200px-Eliteserien_logo.svg.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

9c5681c33c41690b895e5bb0b7d7e748fa3252852f94c1112ff03b837f3ee36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:05:13 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 7888
x-cache-status: hit-front
x-cache: cp3053 hit, cp3057 hit/10597
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 34910
x-client-ip: 216.131.114.18
last-modified: Sat, 07 Dec 2019 16:20:02 GMT
server: ATS/8.0.8
etag: 612f95a5697ee07704b30ef233d71580
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1575735601.86089
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 1200px-Scottish_Championship.svg.png
upload.wikimedia.org/wikipedia/en/thumb/1/17/Scottish_Championship.svg/ 32 KB
32 KB 66ms
64ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/1/17/Scottish_Championship.svg/1200px-Scottish_Championship.svg.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

c48220cc9ef4604a3d8f7484a5c7c35a55d06f34f898f52de85d64fff9f8282c

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 05:04:23 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 47538
x-cache-status: hit-front
x-cache: cp3055 hit, cp3057 hit/2300
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 32304
x-client-ip: 216.131.114.18
last-modified: Fri, 20 Nov 2020 19:22:42 GMT
server: ATS/8.0.8
etag: 0c7b45b940bc082c9324e9b1118b7681
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1605900161.92259
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 250px-Turkishsupercup.jpg
upload.wikimedia.org/wikipedia/en/thumb/1/1a/Turkishsupercup.jpg/ 7 KB
7 KB 41ms
39ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/1/1a/Turkishsupercup.jpg/250px-Turkishsupercup.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

f2d6214b8f28883772525a47935d20435da481d26e99abbcddfe3766f49601a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 10:02:12 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 29669
x-cache-status: hit-front
x-cache: cp3061 hit, cp3057 hit/14624
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 7428
x-client-ip: 216.131.114.18
last-modified: Wed, 07 Aug 2019 17:30:06 GMT
server: ATS/8.0.8
etag: 1f158642a786a9824d9c26f505b555af
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1565199005.36028
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 1280px-WTA_logo_2010.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/bf/WTA_logo_2010.svg/ 33 KB
33 KB 55ms
54ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/b/bf/WTA_logo_2010.svg/1280px-WTA_logo_2010.svg.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

03504b510d0a289c3cf9aa389bf60edb1b19785eed0f8d41dbd19355c55ad6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:30:28 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 24373
x-cache-status: hit-front
x-cache: cp3063 hit, cp3057 hit/9685
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 33358
x-client-ip: 216.131.114.18
last-modified: Thu, 07 Jan 2021 09:51:19 GMT
server: ATS/8.0.8
etag: 374a9bab5b102003384594b6d0ef9dab
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1610013078.89806
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 langfr-800px-Nitto_ATP_Finals_Logo.svg.png
upload.wikimedia.org/wikipedia/fr/thumb/3/33/Nitto_ATP_Finals_Logo.svg/ 31 KB
31 KB 63ms
62ms Image
image/webp 91.198.174.208
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/fr/thumb/3/33/Nitto_ATP_Finals_Logo.svg/langfr-800px-Nitto_ATP_Finals_Logo.svg.png

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/8.0.8 /

Resource Hash

3dd384ba5379d14c2803ff711a3f4869d29ef29566cdd5141c41f9e4dbd509ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 05:15:44 GMT
x-content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 46857
x-cache-status: hit-front
content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache: cp3061 hit, cp3057 hit/18552
content-disposition: inline;filename*=UTF-8''Nitto_ATP_Finals_Logo.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 31400
x-client-ip: 216.131.114.18
last-modified: Tue, 21 Sep 2021 09:28:42 GMT
server: ATS/8.0.8
etag: 01165c6aa7ddd39b11dbec96b84e8b5c
x-webkit-csp-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1632216521.32123
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg
3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/ 13 KB
13 KB 9ms
8ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

dbc8af2a2b9ce5900394f7b3cc31975e54cbedd7e83e8a654ccaf62aaa79edb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="J_r_my-Mathieu-au-FC-Barcelone (320 x 180).jpg";filename*=UTF-8''J%C3%A9r%C3%A9my-Mathieu-au-FC-Barcelone%20(320%20x%20180).jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
server: fife
etag: "v245"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 17:47:52 GMT

GET
H2 200 soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg
4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/ 30 KB
30 KB 11ms
11ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

a12e522508f84829d98353fbca78badae6da34aa5cdcb387bdffe5679de6317f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="soccer-Colombia-Falcao (465 x 261).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30865
x-xss-protection: 0
server: fife
etag: "v247"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 07:02:13 GMT

GET
H2 200 Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg
1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/ 22 KB
22 KB 8ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

c61a68b4338345f13141b316e626d72cc2327b091b34c5b44b412abe45de7561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="Nice-vs-Monaco-team (330 x 160).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22775
x-xss-protection: 0
server: fife
etag: "v249"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Sep 2021 07:30:53 GMT

GET
H2 200 Kaboul.jpg
4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/ 30 KB
30 KB 10ms
9ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

d6002ac80e0b2185318aec97b4cc5a53e63eb72af9de04251817458f07a1599c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="Kaboul.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30829
x-xss-protection: 0
server: fife
etag: "v24b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 18:04:31 GMT

GET
H2 200 bayyr%2B%2528305%2Bx%2B171%2529.jpg
1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/ 18 KB
18 KB 14ms
13ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

11e47e3f46e571aaf1ac77329cbd60847f6c8057068fb0f97bfd1ca5ef59bb79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="bayyr (305 x 171).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18147
x-xss-protection: 0
server: fife
etag: "v24f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Sep 2021 07:30:53 GMT

GET
H2 200 arssd.jpg
2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/ 23 KB
23 KB 10ms
8ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

c7ee651e00a56adb1e06aca0aab62e0aeb66cc4594592c7ac1344f81b3fea1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="arssd.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23133
x-xss-protection: 0
server: fife
etag: "v251"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 18:04:31 GMT

GET
H3 200 shai%2B%2528310%2Bx%2B215%2529.jpg
3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/ 18 KB
18 KB 8ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

b04d3cfa9b28e61adce17e6779f4b7f3dcfca34000d7b88bb85734a465c4100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="shai (310 x 215).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18628
x-xss-protection: 0
server: fife
etag: "v253"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 07:02:14 GMT

GET
H3 200 DHiOS%2B%2528426%2Bx%2B240%2529.jpg
1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/ 30 KB
30 KB 12ms
11ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

7bbd228ebb7a313c02f48fee3f8398ddaf2df196477f3e245abef62c6c0dd6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="DHiOS (426 x 240).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30400
x-xss-protection: 0
server: fife
etag: "v257"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 05:24:42 GMT

GET
H3 200 dim%2B%2528309%2Bx%2B157%2529.jpg
1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/ 17 KB
17 KB 15ms
13ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

738819381485d1be56e646985b53c057ad49e45e310ad0fda6f22434f77402d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="dim (309 x 157).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17403
x-xss-protection: 0
server: fife
etag: "v259"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 05:24:42 GMT

GET
H2 200 Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg
2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/ 14 KB
15 KB 8ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

d27f53bbfc004b239b92ee8d8e8493293f5790ade1237ca74a82d76bb74e44de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="Marcelo-Modric_1872047c (230 x 143).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14712
x-xss-protection: 0
server: fife
etag: "v25b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Sep 2021 07:26:05 GMT

GET
H3 200 Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg
3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/ 16 KB
16 KB 16ms
15ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

2c91b0e6f34ac9ba15363622392e08daed9ae565ff18d92ceac3eb94edb0f1cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="Olympique-Lyonnais-Naples (297 x 185).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16641
x-xss-protection: 0
server: fife
etag: "v25d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 21:04:34 GMT

GET
H2 200 shic%2B%2528360%2Bx%2B270%2529.jpg
2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/ 24 KB
24 KB 8ms
7ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

8d876054904ddf1100888777d73a57cd36f3b51a83fbd75774bfdf7339fe2209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="shic (360 x 270).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24946
x-xss-protection: 0
server: fife
etag: "v25f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 14:10:00 GMT

GET
H3 200 saint%2B%2528348%2Bx%2B217%2529.jpg
4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/ 26 KB
26 KB 15ms
15ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

718e169411e938c6ccca40681574efaf03da136dfef6332174652485368e78bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="saint (348 x 217).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26355
x-xss-protection: 0
server: fife
etag: "v261"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 09:12:00 GMT

GET
H3 200 mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg
2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/ 17 KB
17 KB 14ms
11ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

702f1e6aca82f2b576d881b27d7f6d230aba208e4209e2edaaf4c4d2f94ded40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="mascheranopa_450x250 (337 x 187).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17417
x-xss-protection: 0
server: fife
etag: "v263"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:20:33 GMT

GET
H3 200 marr%2B%2528235%2Bx%2B156%2529.jpg
4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/ 12 KB
12 KB 15ms
12ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

5d1129f473527dce92086e246848c28a08b5b182042a533ae717bb8d5358a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="marr (235 x 156).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12567
x-xss-protection: 0
server: fife
etag: "v265"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 08:29:39 GMT

GET
H3 200 fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg
1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/ 22 KB
22 KB 13ms
10ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

11048c3be88262e2cf43c9144ea5272dde3369f954f705d4eea26aa4b33d96e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="fernando-alonso-budapest- (403 x 302).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22862
x-xss-protection: 0
server: fife
etag: "v21e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 05:24:42 GMT

GET
H3 200 Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg
1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/ 36 KB
36 KB 12ms
8ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

6b387b1ce511eb9e24efb3cbb349a11db51da1e3828b065a4f7954893a0fc680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:44:45 GMT
x-content-type-options: nosniff
age: 1916
content-disposition: inline;filename="Jari+Matti+Latvala+FIA+World+Rally+Championship+Yqf_yBl0Wg-l (445 x 297).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37022
x-xss-protection: 0
server: fife
etag: "v220"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 09:39:40 GMT

GET
H3 200 PHENO%2B%2528475%2Bx%2B324%2529.jpg
3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/ 41 KB
41 KB 21ms
18ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

a73a2f96c9c3c66bad7f0974859a398b16d81c2023e797eec43e537bfc9a9670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="PHENO (475 x 324).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41552
x-xss-protection: 0
server: fife
etag: "v226"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 06:49:31 GMT

GET
H3 200 WRC_222%2B%2528471%2Bx%2B264%2529.jpg
4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/ 23 KB
23 KB 19ms
16ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

7cd0e977de74caad61054e8991c774c3bfc8342704ba9b80c9fa1035d946f4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="WRC_222 (471 x 264).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24005
x-xss-protection: 0
server: fife
etag: "v228"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 14:10:00 GMT

GET
H3 200 alonso%2B%2528495%2Bx%2B262%2529.jpg
3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/ 20 KB
20 KB 22ms
18ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

cd5269f06e0db0b8c23c34a32815e4ef9e6349d93fd6943b60542d2e24a411f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:03 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="alonso (495 x 262).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20258
x-xss-protection: 0
server: fife
etag: "v22e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 07:02:14 GMT

GET
H3 200 REDBB%2B%2528480%2Bx%2B270%2529.jpg
3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/ 32 KB
32 KB 21ms
17ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

eb7fc01edc455bd8c043bdf74dd4395c08a6f4465023ef2d54214914c055f4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="REDBB (480 x 270).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33138
x-xss-protection: 0
server: fife
etag: "v230"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 08:24:16 GMT

GET
H3 200 van-der-garde%2B%2528472%2Bx%2B315%2529.jpg
3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/ 32 KB
32 KB 20ms
16ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

3d2f50274e7b3aec5963f044253b2e5ec72f77c307610362dd94b266aabe11ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="van-der-garde (472 x 315).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33124
x-xss-protection: 0
server: fife
etag: "v232"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:20:34 GMT

GET
H3 200 winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg
2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/ 37 KB
37 KB 16ms
12ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

8ba0b29fd70cf1a0f96de43957319df4d6490c9d796d560f0fb60504dadf2158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="winner_lewis_hamilton_getty (468 x 263).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38209
x-xss-protection: 0
server: fife
etag: "v238"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 07:02:14 GMT

GET
H3 200 MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg
4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/ 45 KB
45 KB 17ms
13ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

b87d0c1195e80246d9b4386e8b60bd43862497c45099baf093d23f86b96a5452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="MotoGp+of+Germany (445 x 296).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45863
x-xss-protection: 0
server: fife
etag: "v23a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 09:12:00 GMT

GET
H3 200 depuniet%2B%2528315%2Bx%2B210%2529.jpg
3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/ 15 KB
15 KB 19ms
15ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

77db8e3a0c1157eb4946f816fee2f1bccd44fd03a8098618b15b470cb610e0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:55:04 GMT
x-content-type-options: nosniff
age: 12097
content-disposition: inline;filename="depuniet (315 x 210).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
server: fife
etag: "v23c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:20:34 GMT

GET
H3 200 vedel%2B%2528465%2Bx%2B291%2529.jpg
4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/ 42 KB
42 KB 22ms
18ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

fife /

Resource Hash

c8164a629b41019e218dc4afdb572fdb310e3e85ea1215b3fbdda1d2e56d81b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:22:13 GMT
x-content-type-options: nosniff
age: 3268
content-disposition: inline;filename="vedel (465 x 291).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42662
x-xss-protection: 0
server: fife
etag: "v23e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 09:38:26 GMT

GET style3.css
www.hesgoal.com/templates/lol/ 0
0

GET jquery-1.6.2.js
code.jquery.com/ 0
0

GET jquery-latest.min.js
code.jquery.com/ 0
0

POST
H2 200 / Show response
m.huerty.live/ Frame 5CBF 97 KB
55 KB 132ms
53ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.huerty.live/
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 0222608801301cf9e7a5e78a9e6645318b98156857f0fdd3666c6ed46036f3c2

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
x-cache-date: Wed, 29 Sep 2021 18:16:36 GMT
x-cache: HIT
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 40ms
10ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:08:58 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 354191094

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 62F2 319 KB
103 KB 13ms
12ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hesgoal.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1344876
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Sep 2021 18:16:42 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 hesgoal.com.994688.es6.js Show response
jsc.adskeeper.com/h/e/ 224 KB
65 KB 34ms
17ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ba080cb87210455600d30f6cbb946d407474b06b89d3a50f297ff1747e2c37c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4823
cf-ray: 6967343eaa472b41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65622
x-amz-id-2: WYaKMvR/G6jTCp2GlXtzJCv1fwq54OzSbZGkhUHJoZwyhORzFmBqaohc75DFI2NEct3wWHwC7YM=
last-modified: Wed, 08 Sep 2021 05:45:35 GMT
server: cloudflare
etag: "fe7a78297f1c5999c722226925b90ebb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: KCT8FS3NXPGASX91
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 29 Sep 2021 22:16:42 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 382 B
517 B 298ms
102ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3907345&@f16&@g1&@h1&@i1&@j1632939402035&@k0&@l1&@mHesGoal.Com%20Sports%20News&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-154850252&@b3:1632939402&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hesgoal.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: 7c2dbcb92e66fe8b66c124b8f21dcc8a1d67d7d573e38cd2e86e2ecd6fddb599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
Connection: close
Content-Length: 382
Content-Type: text/html;charset=UTF-8

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 62F2 232 B
431 B 137ms
110ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2bf300e45b365574cb649d203a07b72c8ad19dcb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.hesgoal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:41 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 18:16:42 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f1e2356bc2c3ab1362e4ff58e5d2c7e884ddbb0a707a96e7d6cfcb1765d6e157
content-length: 166

POST
H2 200 / Show response
m.huerty.live/ Frame 7911 102 B
449 B 43ms
42ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.huerty.live/
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 3fe7f4a2d9e68e6d3ea3665ffa83df459dbb4bc64562c510fa7324301b2447b0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H/1.1 200
OK button.5d16ecc02fbaf599a24dfb57ab239320.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:39 GMT
Server: ECS (frb/67C1)
Age: 1369028
Etag: "6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html Show response
platform.twitter.com/widgets/ Frame 5E21 36 KB
14 KB 9ms
9ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.f88235f49a156f8b4cab34c7bc1a0acc.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hesgoal.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1369020
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Sep 2021 18:16:42 GMT
Etag: "a237d70af6aab8c30f8fef9c8de02f69+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:41 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C1)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13651

GET
DATA 200
OK truncated
/ Frame 5E21 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
307 B 68ms
53ms Script
text/plain 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1632939402278207949714&uniqId=13433&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.hesgoal.com%2F&lu=https%3A%2F%2Fwww.hesgoal.com%2F&sessionId=6154ad8a-128fe&pageView=1&pvid=17c32c5e427b8224c5c&site=288223&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6967344058c74eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 55ms
24ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: br
cf-cache-status: HIT
age: 1333
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXQX9JBSCH0N5JS5
x-amz-id-2: CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 696734409b6e1f2d-FRA
expires: Wed, 29 Sep 2021 22:16:42 GMT

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 8 KB
9 KB 311ms
103ms Script
application/javascript 167.114.209.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3907345&@f16&@g1&@h1&@i1&@j1632939402035&@k0&@l1&@mHesGoal.Com%20Sports%20News&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-154850252&@b3:1632939402&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hesgoal.com%2F&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns515688.ip-167-114-209.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c051f20e397bda903dda0cdd3e3af421ea67923f737697b50868b0f7f2627378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
X-T: 8.489
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Wed, 29 Sep 2021 18:16:41 GMT

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ 43 B
399 B 57ms
56ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=69
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69673440be2c2b41-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
352 B 117ms
117ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.hesgoal.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1632939402359%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.hesgoal.com
URL: https://www.hesgoal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 29 Sep 2021 18:16:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f1e2356bc2c3ab1362e4ff58e5d2c7e884ddbb0a707a96e7d6cfcb1765d6e157
x-transaction: e3bebdc3d77b5a10
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/994688/ 3 KB
1 KB 81ms
67ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/994688/1?pv=5&cbuster=1632939402553319263147&uniqId=13433&niet=4g&nisd=false&jsv=es6&w=1584&h=1290&cols=1&ref=&cxurl=https%3A%2F%2Fwww.hesgoal.com%2F&lu=https%3A%2F%2Fwww.hesgoal.com%2F&sessionId=6154ad8a-128fe&pageView=1&pvid=17c32c5e427b8224c5c&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3e048ef33a432b755395dbf54f027723c7624aa5ea1eec18b8b778e62c3520

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 696734420c084eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ 43 B
399 B 70ms
70ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=83
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 696734427b122b41-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.adskeeper.com/g/8193502/492x277/0x299x1080x720/ 16 KB
16 KB 57ms
26ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193502/492x277/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1632939402-cXNJh_diUR3V7gfK9OcLwuhuGS4nn9gBoB2z507czfA
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83147d4b02fdda83728e35c64a246133da2171d543343efbbc10a0717639074c

Request headers

Referer: https://www.hesgoal.com/
Origin: https://www.hesgoal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:23:17 GMT
x-mg-request-uuid: 260042c6-8a1f-43ac-8bf4-798a99ec9184
age: 367921
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69673442c87b05b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16032
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.adskeeper.com/g/8164884/492x277/0x0x1001x667/ 19 KB
19 KB 50ms
19ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1632939402-CmYVey51eajO9wHenxGQ0F1VkFUce5lrsDe6W8YjLSs
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd

Request headers

Referer: https://www.hesgoal.com/
Origin: https://www.hesgoal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:38:40 GMT
x-mg-request-uuid: 78e084c8-2987-49df-835a-d395015c9003
age: 453368
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69673442c88205b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18944
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/ 19 KB
19 KB 51ms
20ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164865/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1632939402-HrNz51Hz6M3NyUXDAICZUeRsdx-PXAoy9bNI75GyGEY
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e

Request headers

Referer: https://www.hesgoal.com/
Origin: https://www.hesgoal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:37:29 GMT
x-mg-request-uuid: 8cf00a1d-d2d0-445c-80fa-b1221795b1b5
age: 453378
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69673442c88405b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19190
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.adskeeper.com/g/8164883/492x277/0x0x492x328/ 11 KB
11 KB 56ms
25ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164883/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1632939402-CZkhLg9TLI_WjlB5sxhhOahq8-D-k7sA2e92pBrW_sQ
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7

Request headers

Referer: https://www.hesgoal.com/
Origin: https://www.hesgoal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:36:41 GMT
x-mg-request-uuid: 06996ae9-1438-4398-a255-311c115cc868
age: 100865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69673442c88505b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10766
server: cloudflare

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 7190 1 KB
752 B 322ms
101ms Document
text/html 167.114.209.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001632939402D0DE01155F7B2FCA6B
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns515688.ip-167-114-209.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9cdac6ebed7b54bbee2bcdd18f9aec4ee761e0bf4b6c2d87a8ff31d45c67f6cd

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hesgoal.com/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; b=1; st=1; oa=1; df=1632939402; l=6D001632939402D0DE01155F7B2FCA6B
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 29 Sep 2021 18:16:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Wed, 29 Sep 2021 18:16:41 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 42ms
7ms Script
text/javascript 13.225.87.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 1715
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 29 Sep 2021 17:48:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 2ZhTIgJ9lJvC9OrIVqsFCOS8dtOzz3NYvfpxtdW50LNz4051bm2rMg==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 60ms
7ms Script
text/plain 18.195.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 29 Sep 2021 18:16:42 GMT

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 72ms
17ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 249434
etag: W/"6129520b-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69673442fffc4ac2-FRA
expires: Sat, 02 Oct 2021 18:16:42 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 325ms
102ms Script
application/javascript 167.114.209.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=hesgoal.com&_ss=6mknsgk9n7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=om52&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns515688.ip-167-114-209.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 826a820fd1c9ee09e48db0ca5ec0b54cdf311786c9e6a23783b9968a506b7111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
X-T: 0.299
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 29 Sep 2021 18:16:41 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
197 B 121ms
95ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1632939402681792922169
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 74aaf643-1e76-40b0-aaa4-95c46cc7b8d3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69673442edde4eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 9228 19 B
127 B 109ms
98ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1632939402696771501076
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/h/e/hesgoal.com.994688.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:42 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: a367cf50-15ed-4afa-b58d-d63f06e08a16
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69673442ede14eaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
985 B 151ms
116ms Fetch
application/json 13.225.87.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-75.fra2.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
via: 1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront), 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
x-amzn-requestid: bbe3bc16-7615-4b20-aa4d-2e81c3d1d6b5
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: Miss from cloudfront
x-amz-apigw-id: GcANtEAqiYcFoLQ=
content-length: 555
x-amz-cf-id: wRzvT1_TiqLXS_6RMA6-QQUorMNBnhni18KgEGwMhlT6J2DvdpG7VQ==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 348ms
110ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
852 B 161ms
125ms Fetch
application/json 13.225.87.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-108.fra2.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
content-encoding: gzip
server: restify
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding,origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.hesgoal.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qG2FYvAG8n38uh0fvoQCyOYVbkv7YIqdQYEzSitrLx-kpnoMG-pkgw==
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
13 KB 44ms
7ms Script
text/javascript 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Sep 2021 09:40:12 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 30992
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: j8tD2U85hpt8kcvkvqXeFYCOXmPYS0h1P6XZUV8lhy62ulVInwsP7w==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 379ms
94ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001632939402D0DE01155F7B2FCA6B&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.hesgoal.com%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 17:40:30 GMT
X-T: 1.56
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Wed, 29 Sep 2021 17:40:29 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 318ms
158ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=6D001632939402D0DE01155F7B2FCA6B&ret=html&phint=__bk_t%3DHesGoal.Com%20Sports%20News&phint=__bk_k%3Deredivisie%2Cjupiler%20pro%20league%2Cserie%20a%2Cepl%2Cenglish%20premier%20league%2Cligue%201%2Cdanish%20league%2Cformule%201%2Cf1%2Cformula%201%2Cmoto%20gp%2Cralley%2Cligue%201%2Callsvenskan%2CSuperligaen%2CTippeligaen%2CBundesliga%2Cscottish%20premier%20league%2C&phint=__bk_l%3Dhttps%3A%2F%2Fwww.hesgoal.com%2F&r=65023235
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:43 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 57cb
Content-Type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001632939402D0DE01155F7B2FCA6B
https://spl.zeotap.com/?zdid=1332&zcluid=25bc434ffda60366
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zclu...
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda...

95 B
164 B

44ms
27ms

Image
image/png

172.67.13.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.hesgoal.com
access-control-allow-credentials: true
cf-ray: 69673447ea62c2e5-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=edad4164-976c-4c64-5a9c-6d0b98402f13&reqId=f4a68b40-c750-461a-69ea-864cbeb07f62&zcluid=25bc434ffda60366&zdid=1332&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 461
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 349ms
110ms Script
application/javascript 208.100.17.183
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.183 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip183.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:42 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Thu, 30 Sep 2021 18:16:43 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
111ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 133ms
133ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0&t=HesGoal.Com%20Sports%20News
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK id.html Show response
st.chatango.com/h5/gz/r0817211056/ Frame E7CE 681 KB
219 KB 160ms
159ms Document
text/html 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: e23f3a6e99524b4a3c64675a721185d366fb02194726b75cc0c9ed896fef81df

Request headers

Host: st.chatango.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.hesgoal.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/

Response headers

Server: nginx
Date: Wed, 29 Sep 2021 18:16:43 GMT
Content-Type: text/html
Content-Length: 224126
Last-Modified: Tue, 17 Aug 2021 18:00:48 GMT
Connection: keep-alive
Expires: Thu, 29 Sep 2022 18:16:43 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes

GET
H/1.1 200
OK r.json Show response
st.chatango.com/cfg/nc/ 20 B
338 B 1143ms
168ms XHR
application/octet-stream 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/cfg/nc/r.json?8b32230020000289915587905
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/js/gz/emb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: f6943106e4ec38d43fcb1b7616e34417aceb78763846c1c32e11589649c437f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Last-Modified: Tue, 17 Aug 2021 18:00:48 GMT
Server: nginx
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 52ms
52ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=1566|302|8|o6TJbXlb0rW4BK4xgEYYMaRw76mHjAF_AsTDqgR87EmC9eIi23Vzc8eVLogz3w0y&fw=1&extjs=66044&cid=994688&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&iv=11&pageImp=1&pvid=17c32c5e427b8224c5c&muid=l8tGFdzdUggb&cbuster=1632939403343561729381&tpl=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:43 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c21e0203-5179-4701-a700-59b8863638f7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69673446ec352b41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/chatango-network/ Frame E7CE 73 KB
20 KB 34ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef71ad0e3206edc6bf524507d43c65f6f68a1cb02638fb074849af78fd500d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: FDBn7gz9ecwGukb4zvc9crpIN2Okt3IP
content-encoding: gzip
etag: "8f88a258e49ce6aefbd6a980dd522a57"
age: 84
x-cache: HIT
content-length: 19749
x-amz-id-2: zpM04K0jwkI3P9dzQlBOu7FrdK9BJI3BWNRVsefQFoiowvvByluxQRinB9GQGqS3EyxILlhbLAI=
x-served-by: cache-hhn4038-HHN
last-modified: Thu, 23 Sep 2021 09:11:44 GMT
server: AmazonS3
x-timer: S1632939403.435193,VS0,VE0
date: Wed, 29 Sep 2021 18:16:43 GMT
vary: Accept-Encoding
x-amz-request-id: J52N1WPT1TWC7XCB
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 91
x-cache-hits: 4

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
110ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 impl.20210923-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame E7CE 528 KB
117 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: nwL3Iwz5OuKqoxSKveF130DQoW3dPflo
content-encoding: br
etag: "f30da82f08687af7c0344b8258fb7906"
age: 4973
x-cache: HIT
content-length: 119564
x-amz-id-2: dK57JIgF8uuifsYuM4y6sAijDMGwf/ZfuCo3kh2iJAa2DwLo/sz6UblCQ+G6GGBc5E9jbfhQHhg=
x-served-by: cache-hhn4038-HHN
last-modified: Thu, 23 Sep 2021 08:53:48 GMT
server: AmazonS3-br
x-timer: S1632939403.448488,VS0,VE0
date: Wed, 29 Sep 2021 18:16:43 GMT
vary: Accept-Encoding
x-amz-request-id: W1KK0T44X58BQDDH
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 2439

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E7CE 1 KB
1 KB 31ms
11ms Script
application/javascript 13.225.87.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 05:46:43 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 131400
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7w0wQxumcY0t_PKaebaXkNyixMaQZx28hP6xnV2eoTKvFe9nZtJaRg==

GET
H2

200

b2
sb.scorecardresearch.com/ Frame E7CE
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%...

64 B
328 B

12ms
12ms

Image
image/gif

13.225.87.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-63.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: wfahzrCWujkeiiItsb1oMqp8A7Wwrr97u6wblZJ3yljM3JdO5bnahw==

Redirect headers

date: Wed, 29 Sep 2021 18:16:43 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1632939403498&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html&c9=https%3A%2F%2Fwww.hesgoal.com%2F
content-length: 239
x-amz-cf-id: UspON6C8W3v6fnI2L-lsFPMEeuwc3IRfQ3io_ZErrvxh4aKZXuxwDg==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
112ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1632939402729&dn=AFWU&iso=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 57ms
57ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=3&v=1566|302|8|o6TJbXlb0rW4BK4xgEYYMeOQB9-TiaeqjwVQJznLr_pcpmTSoGvdzG8vpUB746v4&extjs=66044&cid=994688&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=65d39f6d-2151-11ec-9658-d0946675f626&tt=Direct&iv=11&pageImp=0&pvid=17c32c5e427b8224c5c&muid=l8tGFdzdUggb&cbuster=1632939403842927213301&tpl=0
Requested by: Host: www.hesgoal.com
URL: https://www.hesgoal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:43 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 35ed295c-1e4a-48d7-ad54-c9b1cb795623
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6967344a09da2b41-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E7CE 48 KB
20 KB 27ms
6ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5386
date: Wed, 29 Sep 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 29 Sep 2021 18:46:57 GMT

GET
H/1.1 200
OK gprofile.xml Show response
ust.chatango.com/groupinfo/h/e/hesgoalchat3/ Frame E7CE 337 B
643 B 808ms
157ms XHR
text/xml 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.chatango.com/groupinfo/h/e/hesgoalchat3/gprofile.xml
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: f369c41399a02489b8db3d2712c86082949847a670b059367b9deb6d1f87a1d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Last-Modified: Sat, 14 Aug 2021 06:58:44 GMT
Server: nginx
Content-Type: text/xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 337
Expires: Wed, 29 Sep 2021 18:16:44 GMT

GET
H3 200 dark-top.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 26ms
15ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242a75ba54f0b62ab4e7f78a503df8b6f1d475bc7a246ffa5dc7981a315bad04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 520266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-b6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdIDunZewgjpbDE3%2BI1th5MSABpNbXvMPnLsw1WKEq3tDL3%2BLIqDq2cGysHXLHw2DjPTxYXNcUuEhBXJFKUPqVwWyPZJwT4DOrrqiCnMW8Bg%2FaSgUqc4bGJ%2BP4%2FZb53lR57kGWeO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6967344addcc2bdd-FRA
expires: Mon, 19 Sep 2022 18:16:43 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 27ms
11ms XHR
application/json 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://www.hesgoal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Sep 2021 18:10:05 GMT
content-encoding: gzip
age: 399
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Y8PTebm2VmYvrYSGWkBtSi4ZYUomyq4kOFoHf-FVvtf4uKB9h5QNoA==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 611 B
1 KB 165ms
72ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 695cb99e9e3942a92d95f65aa792db534ac5594e20bafad3137fd332fe26af9d

Request headers

Referer: https://www.hesgoal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.hesgoal.com
cache-control: no-cache
x-server: 10.45.4.176
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 611
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
560 B 187ms
128ms Ping
text/html 172.67.220.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=6D001632939402D0DE01155F7B2FCA6B&k=lotpano&v=14efb0d68e4ee9556b8971790e7d4945a702f499e0a749190b48ccdf3b478fc0
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hesgoal.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hesgoal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Sep 2021 18:16:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H%2B%2BguJXQ3JzZfE1BLBHeq%2BHQGFt9UBHbL06qhxHJoqi9x5%2F1mh2cTbuhH9kTV0yHicqYoptFpPYCdj6oi%2B3AeLoxHTe3yDNp4pV6%2BOS1PjN4baRcxBX62EEih1mS0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6967344c7e79f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame A36B 2 KB
1 KB 9ms
8ms Document
text/html 13.225.87.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-101.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hesgoal.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=d397f98759b469b5ac68e9b79e5ac48; _cc_cc="ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"; _cc_aud="ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hesgoal.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
x-edge-origin-shield-skipped: 0
content-encoding: gzip
date: Tue, 28 Sep 2021 18:23:34 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: S7zZlWJwzS8WMe6N80A3QMBkvkY0AwVLLV9U3q4oqWsScUYIEqoYTw==
age: 85991

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 139F 3 KB
3 KB 32ms
32ms Document
text/html 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 919f0d5d2f1a61109be1d457ec197149f7fa4ce56ae130732a9877509575bba9

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=d397f98759b469b5ac68e9b79e5ac48; _cc_cc="ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"; _cc_aud="ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Wed, 29 Sep 2021 18:16:44 GMT
content-type: text/html
content-length: 3236
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.251
server: Jetty(9.4.38.v20210224)

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 139F
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=3959275450501156904&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5D...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA

170 B
188 B

16ms
15ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDM5N2Y5ODc1OWI0NjliNWFjNjhlOWI3OWU1YWM0OA&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1MmJghyEihheHDKFT16e-5DLWoBP8cCIc8lHqA
cache-control: no-cache
x-server: 10.45.18.1
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 139F 70 B
265 B 108ms
32ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 139F 43 B
181 B 39ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1632939404.271441,VS0,VE9
x-served-by: cache-hhn4038-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=0fae4663-9701-4758-be3b-7a70469e530c
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 139F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpi...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d397f98759b469b5ac68e9b79e5ac48&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c

49 B
265 B

51ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.175
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=0fae4663-9701-4758-be3b-7a70469e530c
date: Wed, 29 Sep 2021 18:16:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 139F 0
0 46ms
12ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2

204

/
loadm.exelator.com/load/ Frame 139F
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1

0
751 B

12ms
12ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 29 Sep 2021 18:16:44 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=d397f98759b469b5ac68e9b79e5ac48&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

403

tpid=26063f5f-5840-4fd1-8dce-134c9657d121
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 139F
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121

49 B
269 B

31ms
31ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.150
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121
date: Wed, 29 Sep 2021 18:16:44 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET
H2

200

tpid=69554753551921484420374101805203095274
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 139F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d397f98759b469b5ac68e9b79e5ac48&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274

49 B
263 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.2
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v018-012e7a688.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FdwBoCbWTjc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=69554753551921484420374101805203095274
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 139F 0
328 B 223ms
31ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&id=Lotame:d397f98759b469b5ac68e9b79e5ac48
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity: true
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5
Content-Length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 139F 0
338 B 97ms
30ms Image
text/plain 52.211.234.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=d397f98759b469b5ac68e9b79e5ac48
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.234.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-234-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1632939404
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 139F
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48

120 B
991 B

559ms
136ms

Image
image/png

216.46.185.184
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.46.185.184 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Sep 2021 18:16:41 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: COR11
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Wed, 29 Sep 2021 18:16:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=d397f98759b469b5ac68e9b79e5ac48
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: COR01
Content-Type: text/html; charset=utf-8
Content-Length: 216

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 139F 43 B
422 B 116ms
29ms Image
image/gif 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Sep 2021 18:16:43 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 30 Sep 2021 14:16:44 GMT

GET
H2

200

tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 139F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18

49 B
265 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.145
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a$ip$216.131.114.18
Date: Wed, 29 Sep 2021 18:16:44 GMT
Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8

GET
H2

200

tpid=9be4ef42-102e-490b-b89c-c8edd8146faf
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 139F
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=

49 B
264 B

35ms
35ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.29
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=9be4ef42-102e-490b-b89c-c8edd8146faf?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 139F
Redirect Chain

https://ps.eyeota.net/match?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=d397f98759b469b5ac68e9b79e5ac48
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlFxaWhwSjZJNWtpdEFPZVRtWS1EODNObjJNR2pWVDlZNzJPSjc2d3ByMHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15

0
344 B

9ms
8ms

Image
text/plain

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 139F
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08

49 B
264 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=bdca6154-ad8c-4f00-bfe0-dbb257c72a08
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 29 Sep 2021 18:16:43 GMT

GET
H2

200

tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 139F
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.83
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7-6154ad8c-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 139F 0
214 B 29ms
7ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=d397f98759b469b5ac68e9b79e5ac48&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 139F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YVStjAAFUzV3CAA6
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6

49 B
264 B

37ms
37ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.8
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1632939405.615295,VS0,VE0
x-served-by: cache-hhn4073-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YVStjAAFUzV3CAA6&_test=YVStjAAFUzV3CAA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 139F 170 B
188 B 17ms
17ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 139F 62 B
304 B 156ms
143ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=5af92ea1d32a61379fcaa97c07337278
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:44 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=3887217856463228968
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 139F
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d397f98759b469b5ac68e9b79e5ac48/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968

49 B
264 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.156
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3887217856463228968
pragma: no-cache
date: Wed, 29 Sep 2021 18:16:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/ Frame 139F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=39441056%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D39441056%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS

49 B
264 B

38ms
37ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C97%2C94%2C92%2C80%2C78%2C61%2C54%2C50%2C49%2C38%2C33%2C31%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 18:16:44 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.47
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 29 Sep 2021 18:16:44 GMT
X-Proxy-Origin: 216.131.114.18; 216.131.114.18; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2a53e9df-2be2-47b5-b1a6-03bcc226b5a7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=39441056/tpid=3867230706839292309/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
4 KB 22ms
22ms Image
image/png 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-top.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 610830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3087
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6fQ1rQKztOnEC6m2aYWbbevxrFJcs5NphbFV9%2FZmqQ0sVX2CPskDLvgqiF%2F%2FjUC9I5fh4HsyTtNGo%2FaStpDgEyWm0Rs5CIAbiBWUFZ6gdFfHRhSZr%2FMkmgj%2BP2lBeXWUtSl%2B0nX"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6967344ca98e2bdd-FRA
expires: Mon, 19 Sep 2022 18:16:44 GMT

GET
H/1.1 200
OK CommonUIModule.js Show response
st.chatango.com/js/gz/r0817211056/ Frame E7CE 21 KB
8 KB 171ms
170ms XHR
application/x-javascript 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/js/gz/r0817211056/CommonUIModule.js
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 29e28dc9767fd91b19b86e6cf9db100cfd0c0ef8ab36337fe98794fd41d17bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/h5/gz/r0817211056/id.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 18:00:48 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7609
Expires: Thu, 29 Sep 2022 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/t/e/terminator419/ Frame E7CE 2 KB
2 KB 802ms
159ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/t/e/terminator419/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: ac908d1b13e23604cb93d6183b386c4cfc3ae8c07aa6ca77debe9ddf975393cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Thu, 26 Nov 2020 19:10:43 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1742
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/y/k/ykselistatwn/ Frame E7CE 2 KB
2 KB 802ms
159ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/y/k/ykselistatwn/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ea647e1d512a7f4b4e9e72fc9fe7f823836f9c52eb974823a9c16731ec0ed4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Sat, 04 Sep 2021 14:37:21 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1809
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/d/u/dufcdavie/ Frame E7CE 2 KB
2 KB 819ms
162ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/d/u/dufcdavie/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 411967072c021b1a4671c42b781142b19ac8e2da9bbb551ca188fc87202df93a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Mon, 06 Sep 2021 17:22:47 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2129
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/b/o/bossesboysreturn/ Frame E7CE 1 KB
2 KB 951ms
164ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/b/o/bossesboysreturn/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d38a00c79a9c87d78d7dfe4dcd21f67fcc933e72db56702f9201e6b6834a391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Sun, 04 Jul 2021 16:50:45 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1521
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/d/e/dennisfrennis/ Frame E7CE 2 KB
2 KB 948ms
160ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/d/e/dennisfrennis/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 9654d9b53441b6a76ea9caa18eb89e2f91c9935f306fb4590c8896e8b3efe9ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Thu, 22 Apr 2021 17:14:39 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1670
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/b/o/boehserbasler/ Frame E7CE 640 B
948 B 953ms
159ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/b/o/boehserbasler/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 09 Jun 2009 03:36:06 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/o/r/orion2219/ Frame E7CE 640 B
948 B 780ms
157ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/o/r/orion2219/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 09 Jun 2009 03:36:06 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/c/h/chulocity/ Frame E7CE 640 B
948 B 779ms
158ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/c/h/chulocity/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 09 Jun 2009 03:36:06 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/m/a/mangemaker/ Frame E7CE 640 B
948 B 783ms
161ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/m/a/mangemaker/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 09 Jun 2009 03:36:06 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/d/a/dannybhoy85/ Frame E7CE 2 KB
2 KB 160ms
160ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/d/a/dannybhoy85/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: daf5aa10f48006b8b318edc196b852ed356f9a9dadf14447568876ad7bea17e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Fri, 13 Aug 2021 18:16:23 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1661
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/f/o/fotbollfotbollfotbol/ Frame E7CE 1 KB
2 KB 162ms
162ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/f/o/fotbollfotbollfotbol/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cc009f23b6e5199632a4df96cc8f69c6de6f9eaa4079c83e759516695ef8c82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Wed, 29 Sep 2021 18:03:04 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1521
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/t/u/turboville/ Frame E7CE 640 B
948 B 164ms
163ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/t/u/turboville/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 09 Jun 2009 03:36:06 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/u/p/upthecoys1/ Frame E7CE 2 KB
2 KB 159ms
158ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/u/p/upthecoys1/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 0197913b1c33f10c2ceb13c0702bfcd15638b458c3ef26a84f29ff646a8e42d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Tue, 19 Jan 2021 13:24:56 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1575
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/s/0/s0dervarn/ Frame E7CE 2 KB
2 KB 158ms
157ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/s/0/s0dervarn/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: d6de45b23e6b655fe6074a5217e43ce195490faa5dc458706d3ddf188c3ec6b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Last-Modified: Thu, 01 Oct 2020 17:23:42 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1742
Expires: Wed, 29 Sep 2021 18:16:45 GMT

GET
H/1.1 200
OK thumb.jpg
ust.chatango.com/profileimg/i/v/ivanilyic/ Frame E7CE 1 KB
2 KB 163ms
162ms Image
image/jpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.chatango.com/profileimg/i/v/ivanilyic/thumb.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: ef92a8dd084f1681d883112395918d6db6cd497318f0c9265bc953f3de0478bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:46 GMT
Last-Modified: Thu, 01 Apr 2021 21:42:04 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1499
Expires: Wed, 29 Sep 2021 18:16:46 GMT

GET
H/1.1 200
OK RklModule.js Show response
st.chatango.com/js/gz/r0817211056/ Frame E7CE 2 KB
1 KB 162ms
162ms XHR
application/x-javascript 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/js/gz/r0817211056/RklModule.js
Requested by: Host: st.chatango.com
URL: https://st.chatango.com/h5/gz/r0817211056/id.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 9184949092862871ea4a0638f963edc72ade0428d4df177f6597412e3345c68b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/h5/gz/r0817211056/id.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 18:16:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 18:00:48 GMT
Server: nginx
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 852
Expires: Thu, 29 Sep 2022 18:16:45 GMT

GET
H2 200 json Show response
trc.taboola.com/chatango-chatango1/trc/3/ Frame E7CE 4 KB
2 KB 141ms
141ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/chatango-chatango1/trc/3/json?tim=18%3A16%3A45.784&lti=deflated&data=%7B%22id%22%3A194%2C%22ii%22%3A%22%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1632388258896%2C%22vi%22%3A1632939405783%2C%22cv%22%3A%2220210923-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr0817211056%2Fid.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A305%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A450%2C%22dw%22%3A305%2C%22dh%22%3A450%2C%22nsid%22%3A%22chatango-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dchatango-network%3Aabp%3D0%22%2C%22uip%22%3A%22Chat%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Chat%20Article%20Thumbnails%22%2C%22cd%22%3A124%2C%22mw%22%3A175%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fh5%2Fgz%2Fr0817211056%2Fid.html%2CChat%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dchatango-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 80b8f8fd882bf4183eed3bb9d74311f820cf16057833a928d09ba1613188b987

Request headers

Referer: https://st.chatango.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 116
date: Wed, 29 Sep 2021 18:16:45 GMT
content-encoding: gzip
server: nginx
x-timer: S1632939406.807557,VS0,VE116
x-served-by: cache-hhn4038-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://st.chatango.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 tfa-eid.20210923-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame E7CE 14 KB
5 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210923-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c22ac6dd3da1db544d1b1974fba41c7994137bfe9f60d954bf18e9bdbda15df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: N6pHNcuS5SkqQtrMiK6m4z7LRld9koQH
content-encoding: gzip
etag: "15c403919facc0c04904410045bddb4d"
age: 81
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: Ros84iMKWw7xwXhjFdIfKis+dbTwBZqE2agK+6uiVapMcJvtD7RxJrXMJKZ2LGVPsBVGhEbhacs=
x-served-by: cache-hhn4038-HHN
last-modified: Tue, 28 Sep 2021 10:29:37 GMT
server: AmazonS3
x-timer: S1632939406.937570,VS0,VE0
date: Wed, 29 Sep 2021 18:16:45 GMT
vary: Accept-Encoding
x-amz-request-id: H6EG8SZR0723WYT9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 54

GET
H2 200 sha256.20210923-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame E7CE 6 KB
3 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210923-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92f2023a8479cf95c3d98e383e25751c5cadc9b5412266fbf00ea54c3584c330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: R5ZQ5zy82cEtVBBY7_yS_gYVFJZNAqij
content-encoding: gzip
etag: "f40d845720f2b8100f52f2d2f0ee143d"
age: 67
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: eq/jWdDMUqLmx9mg9vidZbxBHmjcD0QjgSt44Qfv6gZ+Ji64T6qF1vju5Us+jKjDWl/jroe0vWU=
x-served-by: cache-hhn4038-HHN
last-modified: Tue, 28 Sep 2021 10:29:52 GMT
server: AmazonS3
x-timer: S1632939406.937658,VS0,VE0
date: Wed, 29 Sep 2021 18:16:45 GMT
vary: Accept-Encoding
x-amz-request-id: PY0T79DGX1BJAN9C
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 47

GET
H2 200 userx.20210923-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame E7CE 17 KB
6 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210923-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/chatango-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a34977d38ab954500e2d89c81be2e8a19dee4e30492f33da233283859cc197a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: fq8gAyxj6XG1EeKWa3qIBSLZLMrqSqHl
content-encoding: gzip
etag: "e5ed0f5172a4779e9eb854c851710e16"
age: 70
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5341
x-amz-id-2: rol+U5XzkdIdGQgselPfEPfWniHYXp5ARmtYRcNiAEAnZBv5rCmf9Cq36IN1N+Xput7Bcd0B5cc=
x-served-by: cache-hhn4038-HHN
last-modified: Tue, 28 Sep 2021 10:29:24 GMT
server: AmazonS3
x-timer: S1632939406.951021,VS0,VE0
date: Wed, 29 Sep 2021 18:16:45 GMT
vary: Accept-Encoding
x-amz-request-id: DZREWDC4PJ0T1J91
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 16

GET
H2 200 188fa33a4e6d058ef402dd49fe027f48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE 9 KB
10 KB 12ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 29 Sep 2021 18:16:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2516192
edge-cache-tag: 515138144588733592382270075944674806885,380325472310985793969509634109498380114,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 627
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
content-length: 9530
x-request-id: 118f959574b263371ea67b7d2e6e3623
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 31 Aug 2021 13:22:31 GMT
server: nginx
x-timer: S1632939406.963895,VS0,VE1
etag: "604706bccf5b1c09ab138c209d45bba3"
x-served-by: cache-wdc5548-WDC, cache-dca17763-DCA, cache-hhn4038-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 188fa33a4e6d058ef402dd49fe027f48.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE 9 KB
9 KB 7ms
6ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 29 Sep 2021 18:16:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2516192
edge-cache-tag: 515138144588733592382270075944674806885,380325472310985793969509634109498380114,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 627
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_147%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/188fa33a4e6d058ef402dd49fe027f48.jpg
content-length: 9530
x-request-id: 118f959574b263371ea67b7d2e6e3623
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 31 Aug 2021 13:22:31 GMT
server: nginx
x-timer: S1632939406.977658,VS0,VE0
etag: "604706bccf5b1c09ab138c209d45bba3"
x-served-by: cache-wdc5548-WDC, cache-dca17763-DCA, cache-hhn4038-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

POST
H2 204 bulk Show response
trc.taboola.com/chatango-chatango1/log/3/ Frame E7CE 0
252 B 15ms
15ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/chatango-chatango1/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://st.chatango.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Wed, 29 Sep 2021 18:16:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1632939407.957434,VS0,VE8
x-served-by: cache-hhn4038-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://st.chatango.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/chatango-chatango1/log/3/ Frame E7CE 0
64 B 14ms
14ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/chatango-chatango1/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://st.chatango.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 29 Sep 2021 18:16:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1632939407.959351,VS0,VE9
x-served-by: cache-hhn4038-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://st.chatango.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame E7CE 254 B
750 B 6ms
6ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 9033
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: zqMTRpifsl7n57rrmbauTpy15dj75+/Yr9THvoBu2iu20NuAVBrIbTIB+OLFF3ceJPrHp0hsBJU=
x-served-by: cache-hhn4038-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1632939407.963612,VS0,VE0
date: Wed, 29 Sep 2021 18:16:46 GMT
x-amz-request-id: PDAX0NJ0ZCYB7FMQ
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 84
x-cache-hits: 1555

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame E7CE 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210923-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2979
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qLA+ntpX0xsn1M4H/vpvkV0o8w6UGkVVXckTk0W0F2Kr9YHvQvZKGJImLauo/YXexJMT5LeMdnk=
x-served-by: cache-hhn4038-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1632939408.936683,VS0,VE0
date: Wed, 29 Sep 2021 18:16:47 GMT
vary: Accept-Encoding
x-amz-request-id: 4KMJJDXMWM2DB40W
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 84
x-cache-hits: 3757

GET
H2 200 / Show response
pips.taboola.com/ Frame E7CE 4 B
178 B 26ms
7ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:16:47 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19155-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://st.chatango.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame E7CE 0
155 B 374ms
90ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=55dc2d40-d2e0-4850-aacd-fa609ba74680-tuct84e330d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://st.chatango.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 29 Sep 2021 18:16:48 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 206
Partial Content message_received.mp3
st.chatango.com/pcache/sounds/ Frame E7CE 4 KB
4 KB 159ms
159ms Media
audio/mpeg 208.93.230.22
CHATANGO

General

Check archive.org

Show headers Download Go to

Full URL: https://st.chatango.com/pcache/sounds/message_received.mp3?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.93.230.22 , United States, ASN29893 (CHATANGO, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ff3e9a39d7c0b422cd1a275c2292f55effdde5f3d648369634ad121bfb81b2b

Request headers

Referer: https://st.chatango.com/h5/gz/r0817211056/id.html
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 29 Sep 2021 18:16:48 GMT
Last-Modified: Tue, 17 Aug 2021 18:00:49 GMT
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-3583/3584
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 3584
Expires: Thu, 29 Sep 2022 18:16:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.hesgoal.com
URL: http://www.hesgoal.com/templates/lol/style3.css

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-1.6.2.js

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-latest.min.js

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hesgoal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pct2m1gjmtqnl0q0n73hfu34a1
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstCfa3907345 Value: 1632939402035
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstCla3907345 Value: 1632939402035
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstCmu3907345 Value: 1632939402035
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstPn3907345 Value: 1
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstPt3907345 Value: 1
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstCnv3907345 Value: 1
www.hesgoal.com/	1970-01-20 06:21:15	Name: HstCns3907345 Value: 1
www.hesgoal.com/	1970-01-25 07:39:25	Name: szm_log_id68 Value: YRpDCAVDW0MCVVNWAFEABAQFBFEDWVADQxxp
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: l8tGFdzdUggb
servicer.adskeeper.com/	1970-01-19 21:35:40	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
www.hesgoal.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C994688%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632939402648%7D%7D
.dtscout.com/	1970-01-19 21:35:44	Name: m Value: 1
.dtscout.com/	1970-01-19 21:35:57	Name: b Value: 1
.dtscout.com/	1970-01-19 21:35:43	Name: st Value: 1
.dtscout.com/	1970-01-19 21:35:53	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:59:39	Name: df Value: 1632939402
.dtscout.com/	1970-01-19 23:43:49	Name: l Value: 6D001632939402D0DE01155F7B2FCA6B
.hesgoal.com/	1970-01-19 23:40:56	Name: __dtsu Value: 6D001632939402D0DE01155F7B2FCA6B
.hesgoal.com/	1970-01-19 21:35:39	Name: lotame_domain_check Value: hesgoal.com
.onaudience.com/	1970-01-20 06:21:15	Name: cookie Value: 25bc434ffda60366
.onaudience.com/	1970-01-19 21:37:05	Name: done_redirects219 Value: 1
.dtscdn.com/	1970-01-20 01:53:25	Name: uid Value: 6D001632939402D0DE01155F7B2FCA6B
.zeotap.com/	1970-01-20 06:21:15	Name: zc Value: edad4164-976c-4c64-5a9c-6d0b98402f13
.zeotap.com/	1970-01-19 21:37:05	Name: zsc Value: Yu+s%A3%B5-%C6o%8C%2A%F0%15%DCt8c%C5%B0c%E5%26w%19%E3y%FD%A0z%9C%D2%DC-i%27%B0%0D3%86%AD%D1I%D5n%AE%27%F7%BE%BD2%1A%B8%EF%AB%A7%17%23MTGq%08k%07%D5%D9-Sp%E8%B9%8C%10%DF%0D%AB%27%08%0E%C5%BA%7Bt
.doubleclick.net/	1970-01-19 21:35:40	Name: test_cookie Value: CheckForPermission
.scorecardresearch.com/	1970-01-20 14:52:27	Name: UID Value: 1USPON6C8W3V6FNI2LLSFPg1632939404
.crwdcntrl.net/	1970-01-20 04:04:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:04:26	Name: _cc_id Value: d397f98759b469b5ac68e9b79e5ac48
.crwdcntrl.net/	1970-01-20 04:04:27	Name: _cc_cc Value: "ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D"
.crwdcntrl.net/	1970-01-20 04:04:27	Name: _cc_aud Value: "ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc"
.hesgoal.com/	1970-01-20 04:04:27	Name: _cc_id Value: d397f98759b469b5ac68e9b79e5ac48
.hesgoal.com/	1970-01-20 04:04:27	Name: _cc_cc Value: ACZ4XmOQTzG2NE%2BztDA3tUwyMbNMMk1MNrNItUwyt0wFMk0sGIAgMWRtD4iGAN6t77tEGD%2FKMvxnZGQ4vmkKC4z98bMljPls8Ry48PI%2FhXDVRw8xw9i7910WgLE%2FNNyHsw8jaZ1%2BQh2m5N0ShIlrNjzlholP%2FDhBG8YGAJttQXY%3D
.hesgoal.com/	1970-01-20 04:04:27	Name: _cc_aud Value: ABR4XmNgYGBIDFnbA6QggJmBgWsGmLmoFUQyPqwHkgBfxQUc
.hesgoal.com/	1970-01-19 21:45:44	Name: panoramaId_expiry Value: 1633544204110
.hesgoal.com/	1970-01-19 21:45:44	Name: panoramaId Value: 14efb0d68e4ee9556b8971790e7d4945a702f499e0a749190b48ccdf3b478fc0
.exelator.com/	1970-01-20 00:28:27	Name: EE Value: "0e9954838d590cc1e793fc79e7f71378"
.id5-sync.com/	1970-01-19 21:35:39	Name: cf Value:
.id5-sync.com/	1970-01-19 21:35:39	Name: cip Value:
.id5-sync.com/	1970-01-19 21:35:39	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:35:39	Name: car Value:
.id5-sync.com/	1970-01-19 21:35:39	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:35:39	Name: callback Value:
.exelator.com/	1970-01-20 00:28:27	Name: ud Value: "eJxrXxzq6XKLQcEg1dLS1MTC2CLF1NIgOdkw1dzSOC3Z3DLVPM3c0NjcYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F75NMBgBY0ik7"
.id5-sync.com/	1970-01-19 23:45:15	Name: id5 Value: 132eee7e-1f72-424a-80fa-4a9bb62afc39#1632939400507#2
.tapad.com/	1970-01-19 23:02:03	Name: TapAd_TS Value: 1632939404288
.tapad.com/	1970-01-19 23:02:03	Name: TapAd_DID Value: 0fae4663-9701-4758-be3b-7a70469e530c
.tapad.com/	1970-01-19 23:02:03	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 01:54:51	Name: _kuid_ Value: OZDE1gBM
.demdex.net/	1970-01-20 01:54:51	Name: demdex Value: 69554753551921484420374101805203095274
.eyeota.net/	1970-01-20 06:21:15	Name: mako_uid Value: 17c32c5ec6a-660000010f4900
.eyeota.net/	1970-01-19 21:35:40	Name: SERVERID Value: 18688~DM
.dpm.demdex.net/	1970-01-20 01:54:51	Name: dpm Value: 69554753551921484420374101805203095274
.mathtag.com/	1970-01-20 07:01:34	Name: uuid Value: bdca6154-ad8c-4f00-bfe0-dbb257c72a08
ads.avct.cloud/	1970-01-20 06:21:15	Name: uuid Value: 26063f5f-5840-4fd1-8dce-134c9657d121
.adnxs.com/	1970-01-19 23:45:15	Name: uuid2 Value: 3867230706839292309
.tidaltv.com/	1970-01-20 06:21:15	Name: tidal_ttid Value: 9be4ef42-102e-490b-b89c-c8edd8146faf
.turn.com/	1970-01-20 01:54:51	Name: uid Value: 3959275450501156904
.sitescout.com/	1970-01-20 06:21:15	Name: ssi Value: 1f2dc50e-bb1b-4802-99f7-dc59d80cbfd7#1632939404506
.id5-sync.com/	1970-01-19 23:45:15	Name: 3pi Value: 224#1632939400771#-218242696\|321#1632939400737#-1897356074\|19#1632939400520#-2046754217#d397f98759b469b5ac68e9b79e5ac48\|398#1632939400771#-1943652784
.tidaltv.com/	1970-01-20 06:21:15	Name: sync-his Value: "H4sIAAAAAAAAADM0srA0sDI0NAAAlTHIWwkAAAA="
.sitescout.com/	1970-01-19 22:18:51	Name: _ssuma Value: eyI3IjoxNjMyOTM5NDA0NTQ5fQ
.everesttech.net/	1970-01-20 06:21:15	Name: everest_g_v2 Value: g_surferid~YVStjAAFUzV3CAA6
sync.srv.stackadapt.com/	1970-01-20 06:21:15	Name: sa-user-id Value: s%3A0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a.GjDU3DcbgAKQcfQ%2FtcVUn52CHn18xnMg0cALv%2Bg7%2FnQ
.srv.stackadapt.com/	1970-01-20 06:21:15	Name: sa-user-id-v2 Value: s%3A0-e63043a3-5fc2-4c94-7fcc-5025cdf7351a%24ip%24216.131.114.18.Cthoe5ynHJte%2F9tr7ud0Akas66rgDh2LZhdIwlVq%2BRE
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5nbqcwhcvk24acclaxzhqrot
st.chatango.com/	1970-01-20 06:21:15	Name: session_id Value: 3382499208805272
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: qmoxfz2rvlwcbh0j1h00vib4
.ib.mookie1.com/	1970-01-20 06:21:15	Name: ibkukiuno Value: s=569846e8-718d-4721-8b33-307d0d77e4f6&h=&v=8742079031&l=-8585686674834261396&op=&hl=0&vlu=3&tcs=1&dcc=-8585686674834261396
.ib.mookie1.com/	1970-01-20 06:21:15	Name: ibkukinet Value: 3632493074=-8585686674834261396

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/(Line 2) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.hesgoal.com/(Line 42) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.hesgoal.com/templates/lol/style3.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-1.6.2.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-latest.min.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.hesgoal.com/(Line 123) Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.hesgoal.com/search.php'. This endpoint should be made available over a secure connection.
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-dIvRPhEjBVk/Vh0xh4poWxI/AAAAAAAAAkQ/pQ4LwjACdms/s1600/J%25C3%25A9r%25C3%25A9my-Mathieu-au-FC-Barcelone%2B%2528320%2Bx%2B180%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-6PmeR4KYHCg/Vh0xu8fOe9I/AAAAAAAAAkY/ooWCQ4HPxBc/s1600/soccer-Colombia-Falcao%2B%2528465%2Bx%2B261%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-ceC9vs4yQ30/Vh0x_sMDIuI/AAAAAAAAAkg/w5pBuY8zB4s/s1600/Nice-vs-Monaco-team%2B%2528330%2Bx%2B160%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Ddt-dDXho6s/Vh0yKjBXGCI/AAAAAAAAAko/HGFMszpBJ8M/s1600/Kaboul.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-H27asjimQ94/Vh0yg_MPaoI/AAAAAAAAAk4/XosrwwcGfKE/s1600/bayyr%2B%2528305%2Bx%2B171%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-V6RT9Vezcsg/Vh0ytsQc1oI/AAAAAAAAAlA/aoRhlMRPBnU/s1600/arssd.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-Eps1ylN-vys/Vh0zBlSyOwI/AAAAAAAAAlI/f2WCaN4SztE/s1600/shai%2B%2528310%2Bx%2B215%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-cgLilAUBe14/Vh0zWz7QKvI/AAAAAAAAAlY/09Q2LcdN0GE/s1600/DHiOS%2B%2528426%2Bx%2B240%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-RBFwLfIMCPs/Vh0zicH1cXI/AAAAAAAAAlg/wkFuVQOooEE/s1600/dim%2B%2528309%2Bx%2B157%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-q4xPw_Rdydw/Vh0zs--afqI/AAAAAAAAAlo/tcFnI2iJnjw/s1600/Marcelo-Modric_1872047c%2B%2528230%2Bx%2B143%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-EV746E9dtDo/Vh0z297Av6I/AAAAAAAAAlw/uspUTJ3uK3o/s1600/Olympique-Lyonnais-Naples%2B%2528297%2Bx%2B185%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-07G0LmocPB4/Vh00NrOK-vI/AAAAAAAAAl4/rnx8r_gc9F8/s1600/shic%2B%2528360%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qp60VT61rWc/Vh00YbvtLYI/AAAAAAAAAmA/qMSbSsXYpzI/s1600/saint%2B%2528348%2Bx%2B217%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-3VKlWr_OKDI/Vh00iHasFvI/AAAAAAAAAmI/gHRa6roZPkI/s1600/mascheranopa_450x250%2B%2528337%2Bx%2B187%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-QfVoWLsz05M/Vh00uifNM1I/AAAAAAAAAmQ/lhjn32auqdc/s1600/marr%2B%2528235%2Bx%2B156%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/--kC9H4FjLcM/Vh0rPwsgKSI/AAAAAAAAAh0/aZagbphWh8w/s1600/fernando-alonso-budapest-%2B%2528403%2Bx%2B302%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://1.bp.blogspot.com/-dW3KvDqGfmg/Vh0rfy8azlI/AAAAAAAAAh8/OrfkDWgPqHY/s1600/Jari%252BMatti%252BLatvala%252BFIA%252BWorld%252BRally%252BChampionship%252BYqf_yBl0Wg-l%2B%2528445%2Bx%2B297%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-zutjz__Fnuc/Vh0so6W6w4I/AAAAAAAAAiU/Z2rrpXzDeZg/s1600/PHENO%2B%2528475%2Bx%2B324%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-Bt7BlUW-o20/Vh0s17MbYPI/AAAAAAAAAic/j89fLwbIPE0/s1600/WRC_222%2B%2528471%2Bx%2B264%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-aZulEqqldn8/Vh0tbybVBmI/AAAAAAAAAi0/O9BEUJtJzYA/s1600/alonso%2B%2528495%2Bx%2B262%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-U6K5vyAOznY/Vh0to4OAbGI/AAAAAAAAAi8/aXsGdvr-LAs/s1600/REDBB%2B%2528480%2Bx%2B270%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-2ZRgdn0h1PQ/Vh0t0JmTj0I/AAAAAAAAAjE/RYHrOQ-KZfQ/s1600/van-der-garde%2B%2528472%2Bx%2B315%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://2.bp.blogspot.com/-droslkcAUmA/Vh0uYF6QAzI/AAAAAAAAAjc/Y3t5W-6h2jg/s1600/winner_lewis_hamilton_getty%2B%2528468%2Bx%2B263%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-vkmA3_ST_e4/Vh0ujAsTcFI/AAAAAAAAAjk/iQl_b7j0-tM/s1600/MotoGp%252Bof%252BGermany%2B%2528445%2Bx%2B296%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://3.bp.blogspot.com/-ltxoRMYHgkw/Vh0utkpIfyI/AAAAAAAAAjs/vipaMuMFvQo/s1600/depuniet%2B%2528315%2Bx%2B210%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.hesgoal.com/ Message: Mixed Content: The page at 'https://www.hesgoal.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-qFd__8GuOmc/Vh0u4NEm2BI/AAAAAAAAAj0/sCopngmhQVo/s1600/vedel%2B%2528465%2Bx%2B291%2529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://st.chatango.com/h5/gz/r0817211056/id.html(Line 4) Message: The key "target-densitydpi" is not supported.
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=26063f5f-5840-4fd1-8dce-134c9657d121 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.dtssrv.com
ads.avct.cloud
ads.avocet.io
bcp.crwdcntrl.net
beacon.krxd.net
c.adskeeper.com
c.cintnetworks.com
cdn.adskeeper.co.uk
cdn.taboola.com
cdn.tynt.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adskeeper.com
cm.g.doubleclick.net
code.jquery.com
d.turn.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
e.dtscout.com
get.geojs.io
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
images.taboola.com
jsc.adskeeper.com
loadm.exelator.com
m.huerty.live
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
platform.twitter.com
ps.eyeota.net
s-img.adskeeper.com
s10.histats.com
s4.histats.com
sb.scorecardresearch.com
secure.adnxs.com
servicer.adskeeper.com
spl.zeotap.com
st.chatango.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.tidaltv.com
syndication.twitter.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
upload.wikimedia.org
ust.chatango.com
www.google-analytics.com
www.hesgoal.com
code.jquery.com
www.hesgoal.com
104.111.215.191
104.16.19.94
104.16.92.60
104.18.16.65
104.18.17.65
104.18.28.199
104.19.134.80
104.244.42.200
104.26.0.100
13.225.87.101
13.225.87.108
13.225.87.63
13.225.87.75
13.225.87.81
13.248.242.197
141.226.224.32
141.95.34.104
142.250.181.226
142.250.185.225
142.250.185.78
151.101.130.49
151.101.193.44
151.101.65.44
167.114.209.61
172.67.13.182
172.67.220.51
18.195.98.10
18.198.69.109
185.156.202.211
185.29.132.241
198.27.80.143
208.100.17.183
208.100.17.190
208.93.230.22
216.46.185.182
216.46.185.184
3.122.214.165
3.228.133.61
34.253.137.48
35.227.248.159
37.252.172.38
45.55.96.63
46.105.201.240
46.228.164.13
5.182.209.23
51.144.7.192
51.222.80.231
52.208.138.90
52.211.234.106
52.214.235.66
52.214.44.171
52.30.140.199
66.155.71.25
69.173.144.165
91.198.174.208
93.184.220.66
0197913b1c33f10c2ceb13c0702bfcd15638b458c3ef26a84f29ff646a8e42d2
0222608801301cf9e7a5e78a9e6645318b98156857f0fdd3666c6ed46036f3c2
03504b510d0a289c3cf9aa389bf60edb1b19785eed0f8d41dbd19355c55ad6f7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
11048c3be88262e2cf43c9144ea5272dde3369f954f705d4eea26aa4b33d96e6
11e47e3f46e571aaf1ac77329cbd60847f6c8057068fb0f97bfd1ca5ef59bb79
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1a34977d38ab954500e2d89c81be2e8a19dee4e30492f33da233283859cc197a
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7
1f1cbc94de77db002ad23121c7baf05a826b7233c7432753a1fc696d5782d2d6
1ff3e9a39d7c0b422cd1a275c2292f55effdde5f3d648369634ad121bfb81b2b
242a75ba54f0b62ab4e7f78a503df8b6f1d475bc7a246ffa5dc7981a315bad04
29837203efe096a89bbaf504ee7ba517fbde6567fd80cc90a257e42886d7d54f
29e28dc9767fd91b19b86e6cf9db100cfd0c0ef8ab36337fe98794fd41d17bcb
2c91b0e6f34ac9ba15363622392e08daed9ae565ff18d92ceac3eb94edb0f1cb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d2f50274e7b3aec5963f044253b2e5ec72f77c307610362dd94b266aabe11ef
3dd384ba5379d14c2803ff711a3f4869d29ef29566cdd5141c41f9e4dbd509ee
3e2c9ee8c65fe5cba61424da8a143be0e4c50d80d2758a1464e1cc9255df97b1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3fe7f4a2d9e68e6d3ea3665ffa83df459dbb4bc64562c510fa7324301b2447b0
411967072c021b1a4671c42b781142b19ac8e2da9bbb551ca188fc87202df93a
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4ea647e1d512a7f4b4e9e72fc9fe7f823836f9c52eb974823a9c16731ec0ed4b
4ebfe7bf8564d707f3ce257dfa899381e29627e5e2a941b606546cf1e3787c10
5d1129f473527dce92086e246848c28a08b5b182042a533ae717bb8d5358a254
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
695cb99e9e3942a92d95f65aa792db534ac5594e20bafad3137fd332fe26af9d
6b387b1ce511eb9e24efb3cbb349a11db51da1e3828b065a4f7954893a0fc680
6b3e048ef33a432b755395dbf54f027723c7624aa5ea1eec18b8b778e62c3520
6ba080cb87210455600d30f6cbb946d407474b06b89d3a50f297ff1747e2c37c
702f1e6aca82f2b576d881b27d7f6d230aba208e4209e2edaaf4c4d2f94ded40
718e169411e938c6ccca40681574efaf03da136dfef6332174652485368e78bb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
738819381485d1be56e646985b53c057ad49e45e310ad0fda6f22434f77402d3
77db8e3a0c1157eb4946f816fee2f1bccd44fd03a8098618b15b470cb610e0c1
7bbd228ebb7a313c02f48fee3f8398ddaf2df196477f3e245abef62c6c0dd6a9
7c2dbcb92e66fe8b66c124b8f21dcc8a1d67d7d573e38cd2e86e2ecd6fddb599
7cc009f23b6e5199632a4df96cc8f69c6de6f9eaa4079c83e759516695ef8c82
7cd0e977de74caad61054e8991c774c3bfc8342704ba9b80c9fa1035d946f4db
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80b8f8fd882bf4183eed3bb9d74311f820cf16057833a928d09ba1613188b987
826a820fd1c9ee09e48db0ca5ec0b54cdf311786c9e6a23783b9968a506b7111
83147d4b02fdda83728e35c64a246133da2171d543343efbbc10a0717639074c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8ade4559ba0159fe586121f621bed885f04755e81a8d02e58eb7d0f9771afe2b
8ba0b29fd70cf1a0f96de43957319df4d6490c9d796d560f0fb60504dadf2158
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d876054904ddf1100888777d73a57cd36f3b51a83fbd75774bfdf7339fe2209
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9184949092862871ea4a0638f963edc72ade0428d4df177f6597412e3345c68b
919f0d5d2f1a61109be1d457ec197149f7fa4ce56ae130732a9877509575bba9
92f2023a8479cf95c3d98e383e25751c5cadc9b5412266fbf00ea54c3584c330
9654d9b53441b6a76ea9caa18eb89e2f91c9935f306fb4590c8896e8b3efe9ef
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9c22ac6dd3da1db544d1b1974fba41c7994137bfe9f60d954bf18e9bdbda15df
9c5681c33c41690b895e5bb0b7d7e748fa3252852f94c1112ff03b837f3ee36f
9cdac6ebed7b54bbee2bcdd18f9aec4ee761e0bf4b6c2d87a8ff31d45c67f6cd
9d38a00c79a9c87d78d7dfe4dcd21f67fcc933e72db56702f9201e6b6834a391
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
9ef2fa6d02bd3595685a4fa73762bb189deac1d05605ff00a2bb58b879b75557
a12e522508f84829d98353fbca78badae6da34aa5cdcb387bdffe5679de6317f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a73a2f96c9c3c66bad7f0974859a398b16d81c2023e797eec43e537bfc9a9670
a8558243788f0dc91ae04cfbfcb192804bb5c08a247e6707053944046c0936c2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac908d1b13e23604cb93d6183b386c4cfc3ae8c07aa6ca77debe9ddf975393cd
b04d3cfa9b28e61adce17e6779f4b7f3dcfca34000d7b88bb85734a465c4100f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b87d0c1195e80246d9b4386e8b60bd43862497c45099baf093d23f86b96a5452
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c051f20e397bda903dda0cdd3e3af421ea67923f737697b50868b0f7f2627378
c48220cc9ef4604a3d8f7484a5c7c35a55d06f34f898f52de85d64fff9f8282c
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd
c61a68b4338345f13141b316e626d72cc2327b091b34c5b44b412abe45de7561
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7ad40b7c0215a36e2adbecc2c9813b1eeae285a314724a5b540efe0f785cf54
c7ee651e00a56adb1e06aca0aab62e0aeb66cc4594592c7ac1344f81b3fea1b6
c8164a629b41019e218dc4afdb572fdb310e3e85ea1215b3fbdda1d2e56d81b7
cd5269f06e0db0b8c23c34a32815e4ef9e6349d93fd6943b60542d2e24a411f2
d008867b9024617b5233a0aab38ec158a60400b60afcfbb1a2d793557f955296
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d27f53bbfc004b239b92ee8d8e8493293f5790ade1237ca74a82d76bb74e44de
d50c76f222ed812d0aef55d3b7fe52f4ea68565e14496a8d8e52fb290be7bc3e
d5a4397698a3fa51e1dded6959e1b16e6bc1e89b28c949f3f0313ace1a3b5a97
d6002ac80e0b2185318aec97b4cc5a53e63eb72af9de04251817458f07a1599c
d6de45b23e6b655fe6074a5217e43ce195490faa5dc458706d3ddf188c3ec6b4
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d9d29be0489fcf2b400b25f7a16ba7bae84b4a3ce7c2ccf6a31cce4f5e64235c
daf5aa10f48006b8b318edc196b852ed356f9a9dadf14447568876ad7bea17e6
dbc8af2a2b9ce5900394f7b3cc31975e54cbedd7e83e8a654ccaf62aaa79edb9
dbd7750c69d1dda28b5a18ac3d2b66324ef8e35ed8150f79d5b617afaa64cdb6
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
e23f3a6e99524b4a3c64675a721185d366fb02194726b75cc0c9ed896fef81df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7fc01edc455bd8c043bdf74dd4395c08a6f4465023ef2d54214914c055f4f6
ef71ad0e3206edc6bf524507d43c65f6f68a1cb02638fb074849af78fd500d70
ef92a8dd084f1681d883112395918d6db6cd497318f0c9265bc953f3de0478bc
f2d6214b8f28883772525a47935d20435da481d26e99abbcddfe3766f49601a0
f369c41399a02489b8db3d2712c86082949847a670b059367b9deb6d1f87a1d4
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6943106e4ec38d43fcb1b7616e34417aceb78763846c1c32e11589649c437f5
f93d541d99a48eb26c0a5ff9a419b538b1cc06666f6d4a2925f051cf4c9953c5
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcfa793d204b4144bf54f59bd9c5c720843af02dd02999d1653c8fafc0ebd8ea
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.hesgoal.com Open in urlscan Pro 5.182.209.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

157 Requests

97 %HTTPS

0 %IPv6

48 Domains

70 Subdomains

44 IPs

9 Countries

1923 kBTransfer

3554 kBSize

70 Cookies

7 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hesgoal.com Open in urlscan Pro
5.182.209.23 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

97 %
HTTPS

0 %
IPv6

48
Domains

70
Subdomains

44
IPs

9
Countries

1923 kB
Transfer

3554 kB
Size

70
Cookies

157 HTTP transactions
1 data transactions