www.xscores.com Open in urlscan Pro
195.201.128.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xscores.com/
Effective URL:
https://www.xscores.com/
Submission: On January 04 via manual (January 4th 2023, 1:17:56 pm UTC) from CH — Scanned from DE

Summary HTTP 144 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 35 IPs in 10 countries across 31 domains to perform 144 HTTP transactions. The main IP is 195.201.128.7, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is www.xscores.com. The Cisco Umbrella rank of the primary domain is 681523.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 4th 2022. Valid for: a year.

This is the only time www.xscores.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.9.34.173 176.9.34.173	24940 (HETZNER-AS) (HETZNER-AS)
16	195.201.128.7 195.201.128.7	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	109.236.91.3 109.236.91.3	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:ddb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
3 34	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	96.16.144.106 96.16.144.106	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	18.198.164.240 18.198.164.240	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 2	52.50.220.58 52.50.220.58	() ()
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.208.157.7 52.208.157.7	16509 (AMAZON-02) (AMAZON-02)
144	35

1 176.9.34.173 (Weimar, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.173.34.9.176.clients.your-server.de

xscores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 195.201.128.7 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.7.128.201.195.clients.your-server.de

www.xscores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.236.91.3 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

extreme-ip-lookup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ddb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bac0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

affiliatesys.interwetten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700::6812:18ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 96.16.144.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-144-106.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a8a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.14 (None, )

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.164.240 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-164-240.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.201.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.220.58 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.157.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-157-7.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	tribalfusion.com 3 redirects s.tribalfusion.com — Cisco Umbrella Rank: 2747 cdnx.tribalfusion.com — Cisco Umbrella Rank: 19950 a4.tribalfusion.com — Cisco Umbrella Rank: 31778 a.tribalfusion.com — Cisco Umbrella Rank: 1178	80 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 187	194 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 ad.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	213 KB
17	xscores.com 1 redirects xscores.com — Cisco Umbrella Rank: 487329 www.xscores.com — Cisco Umbrella Rank: 681523	422 KB
7	connextra.com ssl.connextra.com — Cisco Umbrella Rank: 10639	133 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	248 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 362	162 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 330	109 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 666 rtb0.doubleverify.com — Cisco Umbrella Rank: 1080 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 17092	22 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 996 simage2.pubmatic.com — Cisco Umbrella Rank: 882	1 KB
3	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 17962	19 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5450 www.google.de — Cisco Umbrella Rank: 3658	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	2 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 815	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	751 B
2	gstatic.com fonts.gstatic.com	32 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 520 fonts.googleapis.com — Cisco Umbrella Rank: 127	32 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 803	339 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 452	239 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 762	479 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 3268	123 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 807	472 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1929	63 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 698	304 B
1	interwetten.com affiliatesys.interwetten.com	931 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	39 KB
1	extreme-ip-lookup.com extreme-ip-lookup.com — Cisco Umbrella Rank: 24359	684 B
144	31

	Domain	Requested by
19	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com www.xscores.com
16	www.xscores.com	www.xscores.com
13	pagead2.googlesyndication.com	www.xscores.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
12	securepubads.g.doubleclick.net	www.xscores.com securepubads.g.doubleclick.net www.googletagservices.com
11	a.tribalfusion.com	3 redirects s.tribalfusion.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.xscores.com ad.doubleclick.net
7	ssl.connextra.com	affiliatesys.interwetten.com ssl.connextra.com
7	www.googletagservices.com	www.xscores.com securepubads.g.doubleclick.net s.tribalfusion.com www.googletagservices.com s0.2mdn.net
6	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net www.xscores.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	cdnx.tribalfusion.com	www.xscores.com
3	tags.expo9.exponential.com	securepubads.g.doubleclick.net cdn.doubleverify.com
3	www.google.com	tpc.googlesyndication.com www.xscores.com
2	dpm.demdex.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	cdn.doubleverify.com	s.tribalfusion.com cdn.doubleverify.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.xscores.com www.google-analytics.com
2	partner.googleadservices.com	www.xscores.com
1	beacon.krxd.net	s.tribalfusion.com
1	pixel.rubiconproject.com	s.tribalfusion.com
1	cm.g.doubleclick.net	1 redirects
1	simage2.pubmatic.com	1 redirects
1	aa.agkn.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	us-u.openx.net	s.tribalfusion.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	ad.doubleclick.net	www.googletagservices.com
1	a4.tribalfusion.com	www.xscores.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	affiliatesys.interwetten.com	securepubads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	www.xscores.com
1	extreme-ip-lookup.com	ajax.googleapis.com
1	ajax.googleapis.com	www.xscores.com
1	xscores.com	1 redirects
144	48

This site contains links to these domains. Also see Links.

Domain
www.sveacasino.se
www.gambleaware.co.uk
casinoalpha.ro
casinobonusca.com
www.norskeautomater.com
www.nyecasino.me
kingcasinobonus.uk
www.bookmakers.bet
www.norgescasino.com
www.suomicasino.com
www.polskiekasyno.com
txodds.net
netticasinohex.com
casinohex.co.za
online-aussie-casino.com
casinoutankonto.net
casinohex.at
swisscasinohex.com
facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.linkedin.com
freelivescores.xscores.com
old.xscores.com
www.gamblingtherapy.org
kiwigambler.co.nz
xn--casinosonlineespaa-30b.es
casinochase.com
slots-online.es
www.onlinecasinosrealmoney.co.nz
www.onlinecasino-southafrica.co.za
gamers.nu
payperhead.com
www.nettikasinot24.com
www.usbetting24.com
www.gambleusa.com
uudet-pikakasinot-fi.com
inkedin.com
www.casasapuestasdeportivas.es
www.rahapelit-netissa.com
www.xn--casinoonlineespaa-uxb.es
www.casinoer.com
www.thecasinodb.com
www.casinoutanlicens.io
www.norges.casino
www.casinotop.com
casinoohne.com
xn--lktaren-5wa.se
www.casivo.se

Subject Issuer	Validity	Valid
*.xscores.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-04` - `2023-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
t1.extreme-dm.com R3	`2022-11-08` - `2023-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
admin.casumoaffiliates.com R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-05-26`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.xscores.com/
Frame ID: FBF2169A1BE55133560B2F54760BF3A5
Requests: 40 HTTP requests in this frame

Frame: https://5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 905D06C7545D5E264C4410873154E1E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 37C2A07E00A92F724277FB2C6E603186
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27D39EF162EE2F34BB2C059D8A893771
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E7315317359D6DC436C223847FC5E99
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc-smlbN5ksym5GDmrHPkl27on1EHHkzWMsvZf63NsEnVnl8v7xcP7Nis6PtfQZZY_SrALf3M_36x4qcRs59WN8vhBEUt1-NuRKuRzltYMXLz-mLB6aly4oy7uMLUsdhOxXHDSEd-TEfDuc8P8wJMiomOiLUf9XdX0--53JsxY-Yar1W1zkecfVZ0NUKFbLEVwEu1ksBgONk8Dh5J4iYMgYqhHX6RCzuvKWczmvLs3lagxrOFElmusYHimze9qg_CgLCFQj1-imKn4tyiq9cM_82tn7LPKe9jgS_6a4XHFgBVaKFVikW09vPtRwjfwoobg3_FDJJt5xFZuq7IVqcA&sai=AMfl-YQsLDUP2e4Z80vQ4jsSz4HIkYUsEpZHd0TClVXml5YHQd1XfoHe-1nCZxpZpD24GuSjePj6sg2LsM95w_fQZyB0EhXkihFf_nwdFezZnHiPJlFqAfdifuGc1ZtefkLC&sig=Cg0ArKJSzB55X7pa0uO1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9042E9EB0A2452C3CCB917B19572838C
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy-gNBNWihGQC0D__lzs3WFyhTbWMb2BKk5-uHSLKP44VoDXRMs4qGo3bGtP9zu7iNOBAD_SrG9ItpJbyNHRQmZOerNzvGDCnQAGjyUFj8pHiIp7TScs_OLBbUv9fAoKZEa2DRtgdMYRcmmY7Soil4fcDy8dbionfLqwemtyMEO6NygrwUWYJYmV93FSUXg-t2hF2i2HzxJ-AA5Eeq3AfUwBbO8xn2x12ilhyfEMKpLR3cAp9Du8qjne-Se79zMoKArztuou7SFz-LgecVL-vj0r-8bQgS9n6To97RfjTQad9uRPPP6JEzkix5-LH4b_PQIzsEhoOD-eRH69S_y440aH9T&sai=AMfl-YRXGEHifWs8PhzsKR3-hlWnct0045vW7QOdau28JpIrjIVzccgdRV7-u8qSYdaI4Ry8lMDwOqzhCHj56ODCPpsmPFDmGhnqda7Zf0pFTD1nDM3K8Q-Y2LMB9eGd14_Z&sig=Cg0ArKJSzBgcSdNTIBGjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EF2F9BF1F8E80294FF87E6C950C87F1B
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyQhLXj8umORGf8MMqL0XbKM870MtnSifis-su_U011Wt6b46kl6u9c3fFX1eaB6vpiQ8cg735JHpYHk7zdQRM_1fRLk4YTc72Krz9LpErPCS4xzEpD4PANha-hGKprl-jSofCG7iLi8qSCIzoc6C38xZhojiLJGcIFIdx8qwoZ4j8FlKKdo1SbLZM9hxgvSJeH2yEGdBmBxS0jHNMwgg8JCHi0bJaiUKvtfDbntJ-8WIPgX-LFaAKF8DKeqxktXXSISJK5glng1b5uJ_3fHSd7zVHPgLJaeVDnAKehAt5Kmg2Pudc89DIWkXrGkHtmk8HYObWhRJaCa-3MYi-QJ511g&sai=AMfl-YQXd-Ey-J_vmhATkBILIWhir-0o8bYjExYFxXRbT_uw2oKBe6Hu_B-5eU1ByPa47M8689g6ZWLdRQuKWCbJdmWDnoI41rwheF_QcztheeS28ttV9sXV9zjOUcsSO3Bt&sig=Cg0ArKJSzHTTzZzojAUHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6FAEA9D01DC8C9529486C97B91BA5C26
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 740D19B06B3BE1C99903CD75F0FB6A63
Requests: 17 HTTP requests in this frame

Frame: https://ssl.connextra.com/Interwetten/selector/client?client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=&tclk=http://affiliatesys.interwetten.gr/redirect.aspx?pid=1982&bid=8485&redirectURL=
Frame ID: EFD602127CAA34D3974A4A244E9D5A0F
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
Frame ID: B13AE675EF382E51967A280F2D3D01D7
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344984901;dc_ver=92.271;sz=160x600;u_sd=1;dc_adk=2114207691;ord=upx8s9;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaimY1xWd3WWrb52rasWTvmTTQbQE3KSVjZaRrAsRWrdUVjW5UenodarYaXx2HfHSGvH4AUZbodXOTdZb6XrvkXUJiXTEmSbYHWUJ2TtrWmbZbmRUjNXqno3E7f5T70maZbFYFFgWHZb1mPYZamG7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVWbjZcV6M5REMQQVZbtQWUO1dbqVPru3VB5XbZbZbTmuv2AQbPmFD2dYOXWBApd2wOFyCx8ubstiRxmeMPmYWUWF3oPE5y6MnntnCViA9ww%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.xscores.com%2F$0;xdt=0;crlt=FKUQTkuYzx;stc=1;chaa=1;sttr=40;prcl=s
Frame ID: 1547C89B46427F693390A55080DBFEA2
Requests: 8 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=akmUwfWUYYTtQ5nUJqRF7t1EZbr4abi5aYRnEBCYUJfWWjVoPnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1cr41srMmqJV3rF4WrnBUAU0REMQPVnNQWBs0HvpT6vp2cUVXFZbKT62r5mZb9R6BF2t3p0tBJmWiv3PMP3cMgTsJdUcb8R6FOWdZbWTFnS3FeuWanvWEYcSaJZcRsJZaPUamPH7iUVb54qEmodr0M6UOx9ml3rftdPCxTS&mediaDataID=9148826&mediaName=frame.html
Frame ID: DDE83E79C5142A53AD6157435C544345
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=almUwfWrb05bEpUavrTEFcSTrIQGJZdQrAvSW3cWsv52UmrotiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1Ufh1TunSFvFUUBQWHJXorbrRUjNXqYs4E7c5T7YoT7IYbBgUWMQmPYZcmc7nmHUG3a3j3Wmt4mJZbpFYZb0Vv0YsF2XG7nnavS5UnRWrFAUPUTPTvQPs3qSH3N0W7sVAvw4sBU0UZbDTBIn2PZaZbrqAGxSX5Va3xlbDrs3&mediaDataID=6546596&mediaName=frame.html
Frame ID: 34403C877AB7C9670D47A1E9F29E719C
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aAmUwfTFfEUAv5Qaj0QcYqSt7wYdBmWP3p3cM5XrQDV6yq2AUeQ6BE3tQt0tBJptTu5mQY5VbeTsQbUcZbgS6JNTHrUTFMR2U2tUqYtTTQlQTJJSsfLQFuoPHMiWGn24U6omtEmYTeu4dYAQcbA4PJZcpWetVdj80rvkYFYfXaiMRUJAWUr1WHv3mrbxPFfNXTUr3a3l5Ev2mq7B1rUfWHMXmnZbKpG65WSTFwAXBQEiFl6gZa5Zd&mediaDataID=6347136&mediaName=frame.html
Frame ID: 48B46B11461B6D308C7B73B7ED1C5422
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4358F11307B66478EC962DA8F4CAF8A6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
Frame ID: F18751FF681E26DB5816B8677E97E45B
Requests: 6 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aUmV8E5EUh5ten5mrZbmbUZb0GQVXVJ31VBnmEFT3rY2TU7AUPvTQEY5PGQrQWUyYdnoVmrp2VJWXFULVm2o56BaQAJD4HZbM1dBZdpdey36YY5s3cUV3bVVMhP6rnTdZb4WrZbX3baqVqjpVqFbSTUZdRVjZdRravSt3bWVUV2FqqndeyYEyn2dbFSGjZa4AJZamdiyUHfd0Uv7XrYf0TqpRb3ZcWF34Vdn4mFFxRUrN1EFtXqJa27EyQ6ZaivPURAR83MB&mediaDataID=5578346&mediaName=frame.html
Frame ID: 8EE418BCB1F01AFFD568662357574D89
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aVmUwfSGjG2mQZamtArTWB80b39XUjf1aZaMSrrHUr3STdYYobJxQUJmXaYq5TUj2qfXmEjIYU3hUWbPoAYJmsjspd3B3qZb92Hmn3AZbIprMEYsrPYGv01svwpTb43FQ5VUnHWPQ1Qab0ScnoQWFv1WvnWPUu4GM20F3DT6im2PUePPMH4Wvn0W3Cndeo5m3Y4cM9VVBcVGbiRmYxWdF3WrMP3TupUqi2pAq9sPTb5bZbvgZcNZba6&mediaDataID=6530936&mediaName=frame.html
Frame ID: 6FF8F969C9E9A0ADF28049A77C5121BA
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aWmUwfXWYKpdEx3mQU5cY9VcFdVGBeS6MoTtvWUU7P5rZasUarvWTr7Pq3ZbSVQLRbmpRWniWsj34UupodEtYEaO3HQHQVrZc5AJImdioVWJhYUvbXbbg1TqsPbUZbUFUPVdJ4mb7qQrrr1Evp5qFe4E71naZbD1Ff6WWjXmPfLpGvwotfE5EBg3tum46ZbGnbvEYVvS1VZb31c7OnqbW5UF2TFnZcWnF5REaqqomnspAUWEbDgkjCh9&mediaDataID=8039566&mediaName=frame.html
Frame ID: FAB4BDF3285F859813091B359B100A84
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aXmUwf5teq3A7ZanUQGYc7S1cU31sZbMpaB42FvVVbjZcUPn0RTMQPcnpPWJM1WvnTmjv2cQUXrFBT6qo2PM6QPnG3tvt0tBCmW2M36rW3srgTGYaWGbhS6FvWdY3UbfS3r2nWa3sWqJaSTMKSsBZcPUumStQdUcYV2Umxmtqr0qmp2WbCSG7A46YLodiyTHZbhYrvd1bQe1EipRFUEWUBSTtJWmErmRUq1yPumuPAERWMfeYhGI1&mediaDataID=2713736&mediaName=frame.html
Frame ID: 44ECA15229FB194FD2540D3809DF5260
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aYmUwf2mQZbmdArVHBc0rbd1UflXqApRrnZbTFMYVWUWobBrRFjNXEvo4qJi4E71oErCYbFfUdr0mPnJpGQoptbF2avf3tmy4mvJprQK0Gn0XVQ4XsJMmavU5UY2VUbZbWP73PTU4PGZbsStfw1WfqVAbw3Gn40bnKV6yw4AZb8R6bK2dZboXWnZbmHaM3mrY5cngUsYaUVrfSm3yUHYTWrMP5b2uWFJoTTIKqAyJqRE82GaClYOBbU&mediaDataID=7665496&mediaName=frame.html
Frame ID: 5CBC163C551DA3F97079F8D047C15B43
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a0mUwfpdEu36YR5srfVVMaUcBgRmrmTdM3TbB03FAuUaMtTEQlPTMLRsZbKPUumPWfcWGr54bevmtit0qXx3WfDPcBE5AJFpWXpVWbb0bnkYUZbjXqimSUJGWU3SVd3TmbQoPFFnXaFt3Tfh4En4mqMBXFb8WtBQoPvBnV7mmHnJ3qZbi5tZar4PZbZcpbQEXVr0XsU5Xsnwmq7P3rYUTFnZcUA7TPrB0ScZaXq9evypiX0SvIecaDg0&mediaDataID=4056396&mediaName=frame.html
Frame ID: F02608DEE7D6CBF31E031709B57BC7CC
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a1mUwf3A7ZaprMZcXc3QXcM5XGZbpmanU3FM2WUZbEW6MTRTr5SsUMPtfx0WbmVAbw4cJ5XF3DTPau4AU6R6ZbC3dBp1trImt2m4PBV3sYaVcQjVV7kRPnMTWFVWr7P3rIxWajmVEv6PqBZcQVjZbPUerRd7bVcUT2r2ootaOXaev4dMZdQsrB2mMEoWepUtbhXrrkXFJgXTysSFQDUr30TtJWorQxPaQr1EEYwAeev6qoyd7pgBUU0Zc&mediaDataID=6807466&mediaName=frame.html
Frame ID: 4D2DED965BF3135B593507F12A780416
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a2mUwfmdAsVWJ9XbQ9XFUgXaZamRrYETFvSWdr3mUZbxRFbm1T3y4Tfg5EM0mqMB1b39UWjXm67DnVvomHYB2qBj2WEs46vEmFbL0G3T1c3V0GJumq7T2bFWTFjZcWPrWPTbXQsMoPWUNYtFtVArO2VB2YbMIVAPp2A3ePmMA4WUO0dBZbpdaM56rV5VYgTsUjVsjhP6ZbvTH3SUU7Y5b2uUqjvVbjaSTA6sCiZctnjY4qMWgi851P&mediaDataID=5436426&mediaName=frame.html
Frame ID: DBC6843E79AEB4C8C5BB2AFB1A90BB01
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a3mUwf36YS3sr6TsMaVGBhPPnnTHQRTFFP2r6oWTnvTEY7SEYFRVjZaQUanRH7bUGjU4UmxmHyMXamx4dUHPsvA5PMZdpdXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrtYTrp4qUl2a33mqjEYUU6TtZbSomUIpVnwoWfD5EU73Hmp3AZbKnbjIYs30YsYV1VfupanU2r3RVbjHUA7TREbQQWfsStTPN9EqnamSPF3klmZcVkq&mediaDataID=6719746&mediaName=frame.html
Frame ID: 675D0DD170DBBBB12BB4440A41419716
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Scores - Live Sports Results by xScores

Page URL History Show full URLs

http://xscores.com/ HTTP 301
https://www.xscores.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

92 %
HTTPS

52 %
IPv6

31
Domains

48
Subdomains

35
IPs

10
Countries

1791 kB
Transfer

4294 kB
Size

27
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sveacasino.se/
Title: SveaCasino

Search URL Search Domain Scan URL

URL: http://www.gambleaware.co.uk/
Title: 18+. Please gamble responsibly. For more information please visit http://gambleaware.co.uk

Search URL Search Domain Scan URL

URL: https://casinoalpha.ro/online-casino/
Title: Romanian Top Online Casinos

Search URL Search Domain Scan URL

URL: https://casinobonusca.com/no-deposit-bonuses/
Title: Canadian no deposit bonuses

Search URL Search Domain Scan URL

URL: https://www.norskeautomater.com/
Title: Norgesautomaten

Search URL Search Domain Scan URL

URL: https://www.nyecasino.me/
Title: Nye Casino

Search URL Search Domain Scan URL

URL: https://kingcasinobonus.uk/free-spins/
Title: free spins no deposit

Search URL Search Domain Scan URL

URL: https://www.bookmakers.bet/
Title: bookmaker reviews

Search URL Search Domain Scan URL

URL: https://www.norgescasino.com/
Title: best casinos online

Search URL Search Domain Scan URL

URL: https://www.suomicasino.com/nettikasino-ilman-rekisteroitymista
Title: Suomicasino.com

Search URL Search Domain Scan URL

URL: https://www.polskiekasyno.com/
Title: Polskiekasyno.com

Search URL Search Domain Scan URL

URL: https://txodds.net/
Title: TX ODDS

Search URL Search Domain Scan URL

URL: https://netticasinohex.com/kasinot/
Title: NetticasinoHEX.com

Search URL Search Domain Scan URL

URL: https://casinohex.co.za/online-casinos/
Title: CasinoHEX.co.za

Search URL Search Domain Scan URL

URL: https://online-aussie-casino.com/
Title: AussieCasinoHEX.com

Search URL Search Domain Scan URL

URL: https://casinoutankonto.net/
Title: casinoutankonto.net

Search URL Search Domain Scan URL

URL: https://casinohex.at/
Title: CasinoHEX.at

Search URL Search Domain Scan URL

URL: https://swisscasinohex.com/online-casinos/chf/
Title: SwissCasinoHEX.com

Search URL Search Domain Scan URL

URL: https://facebook.com/xscores

Search URL Search Domain Scan URL

URL: https://twitter.com/xscores

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/xscoreslivescores

Search URL Search Domain Scan URL

URL: https://www.instagram.com/xscores1

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/xscores-com

Search URL Search Domain Scan URL

URL: https://freelivescores.xscores.com/theme-generator-demo/
Title: Free Livescores Widget

Search URL Search Domain Scan URL

URL: http://old.xscores.com/
Title: http://old.xscores.com

Search URL Search Domain Scan URL

URL: http://www.gamblingtherapy.org/
Title: 18+. Please gamble responsibly www.gamblingtherapy.org

Search URL Search Domain Scan URL

URL: https://kiwigambler.co.nz/online-casinos/1-deposit-casinos
Title: $1 deposit casino

Search URL Search Domain Scan URL

URL: https://xn--casinosonlineespaa-30b.es/
Title: CasinosOnlineEspaña.es

Search URL Search Domain Scan URL

URL: https://casinochase.com/casinos-online/
Title: CasinoChase.com

Search URL Search Domain Scan URL

URL: https://slots-online.es/tragamonedas-gratis/
Title: https://slots-online.es/tragamonedas-gratis/

Search URL Search Domain Scan URL

URL: https://www.onlinecasinosrealmoney.co.nz/
Title: online casino nz

Search URL Search Domain Scan URL

URL: https://www.onlinecasino-southafrica.co.za/
Title: online casino south africa

Search URL Search Domain Scan URL

URL: https://gamers.nu/
Title: Gamers.nu

Search URL Search Domain Scan URL

URL: https://payperhead.com/sportsbook-software/
Title: own US sports betting software

Search URL Search Domain Scan URL

URL: https://www.nettikasinot24.com/
Title: Nettikasinot24

Search URL Search Domain Scan URL

URL: https://www.usbetting24.com/
Title: USBetting24

Search URL Search Domain Scan URL

URL: https://www.gambleusa.com/
Title: GambleUsa

Search URL Search Domain Scan URL

URL: https://uudet-pikakasinot-fi.com/
Title: Uudet-pikakasinot-fi.com

Search URL Search Domain Scan URL

URL: https://inkedin.com/
Title: inkedin

Search URL Search Domain Scan URL

URL: https://www.casasapuestasdeportivas.es/
Title: www.casasapuestasdeportivas.es

Search URL Search Domain Scan URL

URL: https://www.rahapelit-netissa.com/netticasinot/
Title: netticasinot

Search URL Search Domain Scan URL

URL: https://www.xn--casinoonlineespaa-uxb.es/
Title: casinos online

Search URL Search Domain Scan URL

URL: https://www.casinoer.com/
Title: Visit Casinoer.com

Search URL Search Domain Scan URL

URL: https://www.thecasinodb.com/new-casino-sites
Title: New Casinos at TheCasinoDB.com

Search URL Search Domain Scan URL

URL: https://www.casinoutanlicens.io/
Title: Check here

Search URL Search Domain Scan URL

URL: https://www.norges.casino/
Title: Norges Casino online

Search URL Search Domain Scan URL

URL: https://www.casinotop.com/
Title: Casinotop.com

Search URL Search Domain Scan URL

URL: https://casinoohne.com/
Title: www.casinoohne.com

Search URL Search Domain Scan URL

URL: https://xn--lktaren-5wa.se/
Title: Läktaren.se

Search URL Search Domain Scan URL

URL: https://www.casivo.se/
Title: Casivo.se

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xscores.com/ HTTP 301
https://www.xscores.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662257301422927&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662257301422927&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-FFfkCTBE2uhs4j3l2mp6lueguFKHGCA-~A

Request Chain 111

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=32e06f89-8c32-11ed-97f3-10a0cca80306 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=32e06f37-8c32-11ed-97f3-10a0cca80306

Request Chain 134

https://tags.bluekai.com/site/4229?id=18072662257301422927&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662257301422927&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662257301422927&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=Y7V8g5F4ryzFjW5B-5vrUQAA

Request Chain 136

https://a.tribalfusion.com/i.match?p=b24&u=18072662257301422927&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662257301422927

Request Chain 137

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662257301422927 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=217023104386002182734

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662257301422927%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662257301422927%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662257301422927&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=8BA12CE6-22FA-4A8F-9420-4CCFD2F15DF4

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662257301422927 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEItACyJOGFdTCmUHG89iyWo&google_cver=1&google_ula=2786954,0

Request Chain 140

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=26029760435081225763880393193622045245

Request Chain 141

https://a.tribalfusion.com/i.match?p=b10&u=18072662257301422927&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662257301422927&expires=180

Request Chain 142

https://a.tribalfusion.com/i.match?p=b22&u=18072662257301422927&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662257301422927

144 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xscores.com/
Redirect Chain

http://xscores.com/
https://www.xscores.com/

41 KB
9 KB

107ms
51ms

Document
text/html

195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e3af54006103468bdacbce80cc404c9225fb57bdfb718c91d23dfaff116849a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0 no-cache, max-age=3600, no-store, must-revalidate
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Wed, 04 Jan 2023 13:17:51 GMT
expires: Wed, 04 Jan 2023 13:17:51 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 04 Jan 2023 13:17:51 GMT
Location: https://www.xscores.com/
Server: nginx

GET
H2 200 home.min.css
www.xscores.com/home/ 16 KB
4 KB 17ms
17ms Stylesheet
text/css 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/home/home.min.css?v=1669200258
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: a41fd753285dab05bc5ccd15cf23f44ec9c00a81c3a58db161816621875d3459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 10:44:18 GMT
server: nginx
etag: W/"16113-1669200258000"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 all.min.css
www.xscores.com/style/fontawesome/css/ 159 KB
31 KB 29ms
28ms Stylesheet
text/css 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/style/fontawesome/css/all.min.css
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 4b8627a66dc1214cc828e7554cfce628fd7e287fb90d10596cc7a542a0b77717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"163299-1632582676000"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 83ms
21ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 02:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 02:03:39 GMT

GET
H2 200 home.min.js Show response
www.xscores.com/scripts/ 4 KB
2 KB 17ms
17ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/home.min.js?v=1669200258
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 4fb5e2957e56de42e571ef78aefe8acca2518d9035612896ac8c8185bbf86894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 10:44:18 GMT
server: nginx
etag: W/"4319-1669200258000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b643dfe54d43b150b4e41b81aced56c4322a7c4c081483777c20ce15798bd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27528
x-xss-protection: 0
server: sffe
etag: "1441 / 696 of 1000 / last-modified: 1672834288"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 logosred_site.png
www.xscores.com/image/ 3 KB
3 KB 58ms
58ms Image
image/png 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xscores.com/image/logosred_site.png
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 38a48e47b475a766c44799a882ea41baa48273087bfbb708063fc3cf61965794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"2853-1632582676000"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 emailicon3.png
www.xscores.com/image/ 831 B
1 KB 68ms
65ms Image
image/png 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xscores.com/image/emailicon3.png
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e5254992d29b548bc6b934ba3c3b6f07ae9da486e9a09289d8d48a894a41953a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"831-1632582676000"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 logo4_mobile.png
www.xscores.com/image/ 5 KB
6 KB 68ms
66ms Image
image/png 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xscores.com/image/logo4_mobile.png
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: a9e5066fc66528c496cbe35fb7df215e3ffb26ad7fe74ef207a14935aa5a5375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"5407-1632582676000"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 jquery.cookiebar.min.js Show response
www.xscores.com/scripts/ 4 KB
2 KB 67ms
64ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/jquery.cookiebar.min.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: f8917df2e8cde1e6a0f4050a2223786b329402d0a33ce4efbd92491b53bb2a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 10:44:18 GMT
server: nginx
etag: W/"3647-1669200258000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 129ms
54ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b643dfe54d43b150b4e41b81aced56c4322a7c4c081483777c20ce15798bd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27528
x-xss-protection: 0
server: sffe
etag: "1441 / 480 of 1000 / last-modified: 1672834288"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 97ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5299ea507fd5eb7d812f8e182900512abcc20e03e9c3ce496ff9e6555184257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49418
x-xss-protection: 0
server: cafe
etag: 11020916770199578511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 jquery.agemodalpopup.min.js Show response
www.xscores.com/scripts/ 4 KB
2 KB 20ms
19ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/jquery.agemodalpopup.min.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 57924c930348d111e0e217f84872ee5470f49ae2a30aff2b7d9f5fade1a2e0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 12:08:16 GMT
server: nginx
etag: W/"4287-1663675696000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 jquery.bettingversionbar.min.js Show response
www.xscores.com/scripts/ 4 KB
2 KB 21ms
20ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/jquery.bettingversionbar.min.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 6282c106a3f19f0225f74e66e53ba4e468fdf86bcc80c9ffa7efbf91a4ed1849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 10:44:18 GMT
server: nginx
etag: W/"3594-1669200258000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 GoogleAnalytics.js Show response
www.xscores.com/scripts/ 396 B
570 B 69ms
66ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/GoogleAnalytics.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 04fc8a54f49993b1ec621ff6a5e07354952566f83d397f41b34ac68ffdd79811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"396-1632582676000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 google_service.js Show response
partner.googleadservices.com/gampad/ 1 KB
428 B 31ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 12:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 13:54:47 GMT

GET
H2 200 google_ads.js Show response
partner.googleadservices.com/gampad/ 1 KB
844 B 30ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_ads.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 12:40:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
server: cafe
etag: 953604975598805376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Jan 2023 13:40:12 GMT

GET
H2 200 Timezones.min.js Show response
www.xscores.com/scripts/ 4 KB
2 KB 69ms
67ms Script
application/javascript 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/scripts/Timezones.min.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 9985ce069228442c8d25e513cc3e181fd2e5cd600f7103d793d4ac7267dd8d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 14:10:18 GMT
server: nginx
etag: W/"4483-1671631818000"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 home950.min.css
www.xscores.com/home/ 4 KB
2 KB 71ms
69ms Stylesheet
text/css 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/home/home950.min.css?v=1641893294
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: dee15017d1842b24ead7034d3466aae2e072ac71be529e00ab8fcd876e4d1270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 09:28:14 GMT
server: nginx
etag: W/"4334-1641893294000"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, max-age=3600, no-store, must-revalidate
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 / Show response
extreme-ip-lookup.com/json/ 536 B
684 B 88ms
15ms XHR
application/json 109.236.91.3
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme-ip-lookup.com/json/?key=v4bwFkJIPmNo27al9Yhr
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.236.91.3 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx /
Resource Hash: 641ff06cb9a0fa47fd9c40779d2c65cc836c05bb12b679ae59e86803dd81bf44

Request headers

Accept: */*
Referer: https://www.xscores.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 04 Jan 2023 13:17:51 GMT
cache-control: max-age=3600
server: nginx
access-control-allow-headers: *
content-length: 536
content-type: application/json; charset=utf-8;

GET
H2 200 fa-solid-900.woff2
www.xscores.com/style/fontawesome/webfonts/ 127 KB
127 KB 71ms
70ms Font
font/woff2 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/style/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/style/fontawesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Referer: https://www.xscores.com/style/fontawesome/css/all.min.css
Origin: https://www.xscores.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"129832-1632582676000"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 fa-regular-400.woff2
www.xscores.com/style/fontawesome/webfonts/ 156 KB
156 KB 70ms
69ms Font
font/woff2 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/style/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/style/fontawesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Referer: https://www.xscores.com/style/fontawesome/css/all.min.css
Origin: https://www.xscores.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"159884-1632582676000"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 fa-brands-400.woff2
www.xscores.com/style/fontawesome/webfonts/ 74 KB
74 KB 84ms
83ms Font
font/woff2 195.201.128.7
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xscores.com/style/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/style/fontawesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.128.7 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.7.128.201.195.clients.your-server.de
Software: nginx /
Resource Hash: b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Request headers

Referer: https://www.xscores.com/style/fontawesome/css/all.min.css
Origin: https://www.xscores.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
last-modified: Sat, 25 Sep 2021 15:11:16 GMT
server: nginx
etag: W/"75308-1632582676000"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 05 Jan 2023 13:17:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
39 KB 105ms
43ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6QL2T2

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b245c431e6569826e79c97d269a24d1a367fdc1b0f773e6f86da54a8e8bfb066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39320
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 pubads_impl_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 12:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132289
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 12:55:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 354 B
172 B 55ms
41ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.xscores.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57f031cf2b8305844b9744296d7de36c01f5e53e2d2ef61198cb641b2ee0b34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/scripts/GoogleAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 11:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6794
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 04 Jan 2023 13:24:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 109ms
42ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xscores.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 112ms
43ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xscores.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 657 B
371 B 50ms
49ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4273723628055545&correlator=1046355857739469&eid=31071185%2C44780792%2C21065725&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1054677%2COut-of-Page&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2978826840&didk=3822112896&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1672838271781&lmt=1672838271&dlt=1672838271544&idt=195&adxs=100&adys=707&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.xscores.com%2F&frm=20&vis=1&psz=1400x569&msz=1400x0&fws=0&ohw=0&ga_vid=297026340.1672838272&ga_sid=1672838272&ga_hid=1188576461&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55952431c4aaff28a5e805fc8ab9aa18ddaa3bce69f1c55793e449b508f0d4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.xscores.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 905D 6 KB
3 KB 68ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 13:17:51 GMT
expires: Thu, 04 Jan 2024 13:17:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 37C2 10 KB
5 KB 85ms
20ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 01:38:29 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 01:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1188576461&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xscores.com%2F&ul=en-us&de=UTF-8&dt=Live%20Scores%20-%20Live%20Sports%20Results%20by%20xScores&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=258296644&gjid=1127157311&cid=297026340.1672838272&tid=UA-100572923-1&_gid=1536028946.1672838272&_r=1&_slc=1&z=1486251888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xscores.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xscores.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-100572923-1&cid=297026340.1672838272&jid=258296644&gjid=1127157311&_gid=1536028946.1672838272&_u=IAhAAEAAAAAAACAAI~&z=1340795399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xscores.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Jan 2023 13:17:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xscores.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 72ms
57ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d640896cce366cd04e49e772ff67aa65bda3709ac95f7d7b273ccc31617b4a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11298
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 116ms
55ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-100572923-1&cid=297026340.1672838272&jid=258296644&_u=IAhAAEAAAAAAACAAI~&z=1032078178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
36ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-100572923-1&cid=297026340.1672838272&jid=258296644&_u=IAhAAEAAAAAAACAAI~&z=1032078178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
73ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27D3 13 KB
5 KB 65ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 575325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 21:29:07 GMT
expires: Thu, 28 Dec 2023 21:29:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E73 783 B
535 B 91ms
44ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f92c8e68b176ac57a1a248e0440d4fc09ac02953ffb095e0f1c8a89d65ea1ec8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4n_4YuERfplAIwhAK7sQUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-4n_4YuERfplAIwhAK7sQUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 13:17:52 GMT
expires: Wed, 04 Jan 2023 13:17:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 27D3 36 KB
16 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 12:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 12:47:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E73 0
0 110ms
108ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=4273723628055545&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 27D3 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gVGT_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 86ms
44ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xscores.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 88ms
43ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xscores.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
23 KB 532ms
531ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4273723628055545&correlator=2372826975101699&eid=31071185%2C44780792%2C21065725&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=1054677%2COut-of-Page%2C728x90top_homepage_desktop%2C728x90bottom_homepage_desktop%2C160x600left_homepage_desktop%2C160x600right_homepage_desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%2C728x90%2C728x90%2C160x600%2C160x600&ifi=2&adks=2978826840%2C938601209%2C2259562403%2C517810145%2C3229912211&didk=3822112896~574482059~3617755304~1115340430~510828413&sfv=1-0-40&ris=1~~~~&rcs=1%2C0%2C0%2C0%2C0&ists=16&prev_scp=%7C%7C%7Ctest%3Dprivacy%7C&eri=1&sc=1&cookie=ID%3D1257c052dd3300c3%3AT%3D1672838271%3AS%3DALNI_MY3uw1vLzIdfz6VQfABEVWukBOhaA&gpic=UID%3D00000b9d2657b403%3AT%3D1672838271%3ART%3D1672838271%3AS%3DALNI_MaOgSdlEBzlnfGGbJj_eTYoOlXsxQ&abxe=1&dt=1672838272777&lmt=1672838272&dlt=1672838271544&idt=195&adxs=100%2C436%2C436%2C105%2C1335&adys=707%2C5%2C743%2C143%2C143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.xscores.com%2F&frm=20&vis=1&psz=1400x569%7C728x95%7C728x90%7C160x600%7C160x600&msz=1400x0%7C728x-1%7C728x-1%7C160x-1%7C160x-1&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=297026340.1672838272&ga_sid=1672838272&ga_hid=1188576461&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2183fee2e5f7dc4b4b0caed38102dd6fd22145d8e8ebf7459919e5ce3484e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23358
x-xss-protection: 0
google-lineitem-id: -2,5171949781,5148331893,5171949781,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138287348054,138284717565,138287664097,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.xscores.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
115ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=4273723628055545&bg=!AQKlAkbNAAYgquz3AKo7ACkAdvg8WuD79ieU4qr6nCVA5u7ZtbtlxGuI7j7y-JaFySiw2kANajdzjwIAAABTUgAAAARoAQcKABhVWm-R3cis3d4eFo15bd0gn53G1KNyJJOZAtkSerABHq1_uScHolYf9v_4-QsfGjAaz-Zr_er22GShVbatBzopiqYs0tmMBTQWqwopHrYt_98O0t96u1t6oBWjjW1GfI2IJ196m7rU-orfMTnGE0yxuBacpiC_YEpqHLOhgLsqM8eNOzQ27UYLrEEV9n-khDfasAjy6OYX4Kbr1NqMjBjmN60MqBb9Z-300sTz9M79gCxTcJj6jHZlBOD8wMqVDTIXPfLL6oL6zwfVYIKJGvPKso-RZINl8hXCnf6wc_gq8SpjoTALxahxo3z9mzd0VYFCUy-NIywGvkw-TUyWKlN23GK5SkFtNcCJHJwrJSIWhN-CR_N8zZEn5aF_ypsBMX-UdQkkctXi3tNbQJpsm8JHEZ13wAUFJQShJhWvdbM1LLPpSpMmaIrWhjX1E1L5RIOqH4ymB2jvVJbOO4xCe-aDKP51Mb3xxtn_WgxLxLp-51pf7gqrHYWABTZCuk-rNUAbcMBvblPEcgZGA1rciJtcMCDImb7hykN17-OVoA5V4rKXYkdYi9lwq7YPcCQU8iTXP2qpPmd1MTc74QG9IFcl_SZ5cilRI6NQx74xfNUzEOr8IdFZgufI4pPG8zaMwPyIakfyxCV6GF8JOeA4IeB7P3teNJuMWlhpBVPNZcxE1riR2wRqfqfw1L8cTVfdF1OskX69kx1fUyUl9dboA4gPQ2U3MAOmwQ366sfM4Cu4-dHNT4k6wOUxrDLYh19YeXGwWsg5Dn8Er0lXk6xPybzL6ntqYWuPAvG7KawekRl0ebd9jcMJjtbTfDgDE2_4iu7EDpw-2zyO6iESD-cWIIY7PZE5pKo0lAgZEjBt4j-KMgEYrwyseGbF7R7tIXtKajCap7tAxOyswgMLvpqpFLWnbdDRVpX5pBwKv1F7HHcli_jUvoctTMs0poIJS1VmINoyU40sbtlIHHMYqbhbJRy9IaIptE8kYLknsNRAYwFd0ClEpmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9042 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc-smlbN5ksym5GDmrHPkl27on1EHHkzWMsvZf63NsEnVnl8v7xcP7Nis6PtfQZZY_SrALf3M_36x4qcRs59WN8vhBEUt1-NuRKuRzltYMXLz-mLB6aly4oy7uMLUsdhOxXHDSEd-TEfDuc8P8wJMiomOiLUf9XdX0--53JsxY-Yar1W1zkecfVZ0NUKFbLEVwEu1ksBgONk8Dh5J4iYMgYqhHX6RCzuvKWczmvLs3lagxrOFElmusYHimze9qg_CgLCFQj1-imKn4tyiq9cM_82tn7LPKe9jgS_6a4XHFgBVaKFVikW09vPtRwjfwoobg3_FDJJt5xFZuq7IVqcA&sai=AMfl-YQsLDUP2e4Z80vQ4jsSz4HIkYUsEpZHd0TClVXml5YHQd1XfoHe-1nCZxpZpD24GuSjePj6sg2LsM95w_fQZyB0EhXkihFf_nwdFezZnHiPJlFqAfdifuGc1ZtefkLC&sig=Cg0ArKJSzB55X7pa0uO1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/ Frame 9042 7 KB
2 KB 208ms
169ms Script
application/x-javascript 2606:4700::6812:ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/tags.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2306
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 362
etag: 5909443542969422214
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 784441c8ae58916a-FRA
expires: Wed, 04 Jan 2023 14:17:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9042 153 KB
47 KB 179ms
136ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF2F 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy-gNBNWihGQC0D__lzs3WFyhTbWMb2BKk5-uHSLKP44VoDXRMs4qGo3bGtP9zu7iNOBAD_SrG9ItpJbyNHRQmZOerNzvGDCnQAGjyUFj8pHiIp7TScs_OLBbUv9fAoKZEa2DRtgdMYRcmmY7Soil4fcDy8dbionfLqwemtyMEO6NygrwUWYJYmV93FSUXg-t2hF2i2HzxJ-AA5Eeq3AfUwBbO8xn2x12ilhyfEMKpLR3cAp9Du8qjne-Se79zMoKArztuou7SFz-LgecVL-vj0r-8bQgS9n6To97RfjTQad9uRPPP6JEzkix5-LH4b_PQIzsEhoOD-eRH69S_y440aH9T&sai=AMfl-YRXGEHifWs8PhzsKR3-hlWnct0045vW7QOdau28JpIrjIVzccgdRV7-u8qSYdaI4Ry8lMDwOqzhCHj56ODCPpsmPFDmGhnqda7Zf0pFTD1nDM3K8Q-Y2LMB9eGd14_Z&sig=Cg0ArKJSzBgcSdNTIBGjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ad.aspx Show response
affiliatesys.interwetten.com/ Frame EF2F 348 B
931 B 564ms
90ms Script
text/html 2a02:26f0:6c00::210:bac0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliatesys.interwetten.com/ad.aspx?pid=1982&bid=8485
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1d895af5c6bdee70d72b67ceb2f53495dbe9382a614e179371e61b0a94e3ed27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
pragma: no-cache
date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
access-control-expose-headers: Request-Context
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=50
content-length: 273
x-akamai-transformed: 9 348 0 pmb=mRUM,1
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF2F 153 KB
47 KB 102ms
71ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FAE 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyQhLXj8umORGf8MMqL0XbKM870MtnSifis-su_U011Wt6b46kl6u9c3fFX1eaB6vpiQ8cg735JHpYHk7zdQRM_1fRLk4YTc72Krz9LpErPCS4xzEpD4PANha-hGKprl-jSofCG7iLi8qSCIzoc6C38xZhojiLJGcIFIdx8qwoZ4j8FlKKdo1SbLZM9hxgvSJeH2yEGdBmBxS0jHNMwgg8JCHi0bJaiUKvtfDbntJ-8WIPgX-LFaAKF8DKeqxktXXSISJK5glng1b5uJ_3fHSd7zVHPgLJaeVDnAKehAt5Kmg2Pudc89DIWkXrGkHtmk8HYObWhRJaCa-3MYi-QJ511g&sai=AMfl-YQXd-Ey-J_vmhATkBILIWhir-0o8bYjExYFxXRbT_uw2oKBe6Hu_B-5eU1ByPa47M8689g6ZWLdRQuKWCbJdmWDnoI41rwheF_QcztheeS28ttV9sXV9zjOUcsSO3Bt&sig=Cg0ArKJSzHTTzZzojAUHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/ Frame 6FAE 7 KB
3 KB 182ms
167ms Script
application/x-javascript 2606:4700::6812:ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/tags.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2306
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 234
etag: 5909443542969422214
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 784441c8ae5c916a-FRA
expires: Wed, 04 Jan 2023 14:17:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FAE 153 KB
47 KB 153ms
135ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 740D 221 KB
60 KB 154ms
29ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:36:05 GMT
age: 574908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Dec 2023 21:36:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 740D 14 KB
6 KB 145ms
20ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:36:05 GMT
age: 574908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Dec 2023 21:36:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 740D 94 KB
28 KB 185ms
61ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:36:06 GMT
age: 574907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Dec 2023 21:36:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 740D 5 KB
2 KB 192ms
68ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:36:05 GMT
age: 574908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Dec 2023 21:36:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 740D 40 KB
13 KB 151ms
27ms Script
text/javascript 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Dec 2022 21:36:05 GMT
age: 574908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Dec 2023 21:36:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 740D 6 KB
1 KB 43ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 12:40:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 740D 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:34:48 GMT
x-content-type-options: nosniff
server: cafe
age: 45785
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 05 Jan 2023 00:34:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 740D 295 B
319 B 22ms
21ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:34:47 GMT
x-content-type-options: nosniff
server: cafe
age: 45786
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 05 Jan 2023 00:34:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 740D 0
0 51ms
50ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStrjJK1MU2K-3u9l5rgqzqayfWw9w8m-a6ayQsI6SSEB0M3poHscPsEYRM5mSUzcOroPznnOh_Cg6RTW_eC6FNpc4jpg
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 740D 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrEykgHy1Y7yaM6r_7_UPtMKo6AfQn9GfbsTl7qatEfe6udGODhABILu3qZIBYJXikIKgB6AB3tn1jCnIAQmpAtCPQEo8xrE-4AIAqAMByAMKqgSKAk_QQaslrDkwb1FmqTHVHqjUS5LyfiqvRizwXxnYGUKWO2lbL2x2mF8wi-rj1Ts2O7mL3uXpLww8i1P0s8xLP2pUWGcyJRN7hjH9Wwk8q23k9_0m17rbWb17xmHVnYk0WATAdgqEM68glmAVzRxjoKU4nfXWhPfwb6BPIBswAYa1k2xcdb7CkxHcpJhjRMAa0aFp5qXLbUIeBgY0aj8l5CC1_sqgsbn5tscHp_HJ8FN9oLi0upSUtRrr1qp4u79rK92lyE0RJzk52-EH7XsZaC_j5r6yQgIfYnJ1suUMcWCc7Gtq0ewduCwh7tEDwIyCoUHIGbtxzdpSxH7AEpGc220YNonUt3uimxzbwATtuq76mQTgBAGSBQQIBBgBkgUECAUYBKAGLoAH3pHG7AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDb8w_SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEwzQFQGAFwGyFx4KHAgAEhRwdWItMTg2NzQ5MjU3OTQ0MzQzNxil6gg&sigh=KRsJA4LHKLQ&uach_m=[UACH]&cid=CAQSOwDq26N9e76hLrXaqJdRWPJbmjsQk97LQI2LBhDrP6Ayz8bcvBs427FFEiLG8UpNlvj8gi4D3F-7AsvNGAEgEw&template_id=484
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/6063972444542556210/ Frame 740D 48 KB
48 KB 22ms
21ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6063972444542556210/2076313506083323656

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1afa58ba922a027077434c3c3d3aaa70dc9c5882d273c3de0ea7fc97663398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 08:11:54 GMT
x-content-type-options: nosniff
age: 104759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49270
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Jan 2024 08:11:54 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11055800874229895024/ Frame 740D 10 KB
10 KB 42ms
41ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11055800874229895024/14763004658117789537?w=100&h=100

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:23:03 GMT
x-content-type-options: nosniff
age: 60890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10673
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Jan 2024 20:23:03 GMT

GET
DATA 200
OK truncated
/ Frame 740D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 740D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fccbc9fc071f43a50a96ffb7fd285f802365e44ade74d69ca587631dff22c656

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 740D 15 KB
16 KB 97ms
26ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xscores.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 582285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 19:33:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 740D 15 KB
15 KB 99ms
27ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xscores.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 01:58:46 GMT
x-content-type-options: nosniff
age: 559147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:58:46 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/ Frame 6FAE 59 KB
14 KB 290ms
253ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80271754c60af1d6768c448b145131cecd30913b15fc3e363d52a5cc3737a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14154
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 9
etag: 9330498666248965293
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 784441c9fc7a8ff4-FRA
expires: Wed, 04 Jan 2023 14:17:53 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/ Frame 9042 59 KB
14 KB 318ms
282ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80271754c60af1d6768c448b145131cecd30913b15fc3e363d52a5cc3737a3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14154
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 836
etag: 9330498666248965293
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 784441c9fc7c8ff4-FRA
expires: Wed, 04 Jan 2023 14:17:53 GMT

GET
H3 200 displayAd.js Show response
s.tribalfusion.com/ Frame 6FAE 677 B
929 B 251ms
241ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8153096748
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd5d4ec27efd3b78be46074e908cdae1f7b6fdd9c4b09e5613be6473e8a7fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 59
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 784441cbaec89054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 329
expires: Tue, 04 Apr 2023 13:17:54 GMT

GET
H3 200 displayAd.js Show response
s.tribalfusion.com/ Frame 9042 680 B
891 B 229ms
229ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=8153096748
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2d45fa140f6240dc23d273d6cccaf61639819f77bc027e733a8b1db90bcc39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 263
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 784441cbceef9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 332
expires: Tue, 04 Apr 2023 13:17:54 GMT

GET
H2 200 client Show response
ssl.connextra.com/Interwetten/selector/ Frame EFD6 510 B
1 KB 187ms
42ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/Interwetten/selector/client?client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=&tclk=http://affiliatesys.interwetten.gr/redirect.aspx?pid=1982&bid=8485&redirectURL=
Requested by: Host: affiliatesys.interwetten.com
URL: https://affiliatesys.interwetten.com/ad.aspx?pid=1982&bid=8485
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09e2cde841d20eb7a050856760dc680b5643fa8c1c5068b4c271969b087a31f9

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 510
content-type: text/html;charset=utf-8
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: Wed, 04 Jan 2023 13:17:54 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: *
x-served-by: vlp-cxtadsrv10.connextra.net

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF2F 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstteVXfD1W4Dess4Qb54tXYA_ln4Bku4RPQXGVOHp7CqOEzqepvoG42YfJfBEiidq6GAY10T8zNk73dXaueUKSGwe3BkYpVuXVrQOahZT3VNAl2KtI5QzqePou2Jbe3vVbmORgfzFMHBkRkc2VSKriXjAWP-aW7TnJb33-KgFZqaJaGEy0Y7tlz_ySUdJ6H8YVaQitQuDjC5Z5o--IVQK0YIWR4Tx857qARjgwLX40_9-0kruAnYM2IvY1zFCihC2nrltOLKMLeUfBng38bWjuq6rTs6ulPG1649LJujqGjUxN816sf-WLjpahbV7dkhkADGGwz8MLjSjXHy-3ce1TAPb1ht0A&sai=AMfl-YQgX6ZhdwhT14adM7rmoEPqgIquq_czUTPOS9GhFlMLy7fwYi_YtjmP-5Eiqxm0KWRadA1vaT5DlqTkqg4zlyBTY3Da-iVL_oCDMU3NXZjBMbl2J6TJ3iPofYgli3Es&sig=Cg0ArKJSzIUurgBd6dH_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:53 GMT

GET
DATA 200
OK truncated
/ Frame EF2F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc7443e12f0c6ac90dc11455835608b5ca6f4b96fd8bf091ccbf2999e7afbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 6FAE 3 KB
2 KB 223ms
223ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8153096748&tagKey=3341591413&loaderVer=0.1&site=livescoresbyxscorescom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.xscores.com%2F&f=1&p=18194392&tKey=aNmneM5A37RPrB3tUn0t3JMTAJQpxLja&a=1&adContainerId=richmedia_2&rnd=18191904
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aead5e8d42441f9f2d8270a1d1c0d4101b7d0d1b1874fa20b90b628606faa0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 60
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 784441cd29389054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1518
expires: 0

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame B13A 3 KB
2 KB 81ms
80ms Document
text/html 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/Interwetten/selector/client?client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=&tclk=http://affiliatesys.interwetten.gr/redirect.aspx?pid=1982&bid=8485&redirectURL=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fb78ab6edaa1856259461519a4970a5dfb0ada10c46f3f5029c5e5cbed9e8b6

Request headers

Referer: https://ssl.connextra.com/Interwetten/selector/client?client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=&tclk=http://affiliatesys.interwetten.gr/redirect.aspx?pid=1982&bid=8485&redirectURL=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1406
content-type: text/html;charset=UTF-8
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: Wed, 04 Jan 2023 13:27:31 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv10.connextra.net

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 9042 8 KB
4 KB 167ms
167ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8153096748&tagKey=3341591413&loaderVer=0.1&site=livescoresbyxscorescom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.xscores.com%2F&f=1&p=18194392&tKey=aomneMWmrw4GJ4YrUZbTPmpR9QSQpxZbuZa&a=3&adContainerId=richmedia_4&rnd=18192959
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982f6727aa2fdb0cd453fa35a27ae5b97216e195443aaf2d5d21f83311b83135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 57
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 784441cd49619054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3296
expires: 0

GET
H2 200 load3.js Show response
ssl.connextra.com/services/ActiveAd/ Frame B13A 3 KB
873 B 23ms
23ms Script
application/x-javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/load3.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2016 14:10:53 GMT
server: AkamaiNetStorage
etag: "743a5e7701b844723629ba8123740a92:1479305453"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 687

GET
H2 200 createjs.min.js Show response
ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/libs/1.0.0/ Frame B13A 236 KB
63 KB 223ms
223ms Script
text/javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/libs/1.0.0/createjs.min.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adf379f80ce276b9dc4030667cf06a2b68c7bc10908a9cc4d492b8b96aa15997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 11:44:00 GMT
etag: W/"242065-1626954240000"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
accept-ranges: bytes
content-length: 63942

GET
H2 200 21_IWde_DE_NKB100_HTML_728x90.js Show response
ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/ Frame B13A 84 KB
15 KB 363ms
363ms Script
text/javascript 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/21_IWde_DE_NKB100_HTML_728x90.js?1626950310597
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d7a118bfb318d490e11513e33ab5987792f8a034c036f95be4d51c1d59326ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 11:44:00 GMT
etag: W/"85939-1626954240000"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
accept-ranges: bytes
content-length: 15039

GET
H2 200 tf_adChoice11.js Show response
cdnx.tribalfusion.com/media/common/adChoice/ Frame 9042 4 KB
1 KB 35ms
17ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-function: 301
last-modified: Wed, 10 Aug 2022 06:59:18 GMT
server: cloudflare
age: 71455
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: public
cf-ray: 784441ce7b3f8ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 9042 2 KB
1 KB 116ms
19ms Script
application/javascript 2a02:26f0:11a::217:9a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=28820081&plc=354472897&sid=6596925&dvregion=0&unit=728x90
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8153096748&tagKey=3341591413&loaderVer=0.1&site=livescoresbyxscorescom&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.xscores.com%2F&f=1&p=18194392&tKey=aomneMWmrw4GJ4YrUZbTPmpR9QSQpxZbuZa&a=3&adContainerId=richmedia_4&rnd=18192959
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a8a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 13:17:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:37:28 GMT
Server: Microsoft-IIS/10.0
ETag: "f3ae98706714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6FAE 28 KB
11 KB 25ms
21ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8153096748&tagKey=3341591413&loaderVer=0.1&site=livescoresbyxscorescom&adSpace=ros&center=1&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.xscores.com%2F&f=1&p=18194392&tKey=aNmneM5A37RPrB3tUn0t3JMTAJQpxLja&a=1&adContainerId=richmedia_2&rnd=18191904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 04 Jan 2023 14:05:43 GMT

GET
H2 200 ipg
a4.tribalfusion.com/ Frame 6FAE 43 B
310 B 201ms
162ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2001:ac8:20:3a00:1012:bbe8:f393:8476&kv=%7B%22ord%22%3A%20734876731%2C%20%22clientID%22%3A%20800013%7D
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441cef9539220-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 6FAE 60 KB
23 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 01:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 01:05:45 GMT

GET
H/1.1 200
OK dvbs_src_internal115.js Show response
cdn.doubleverify.com/ Frame 9042 59 KB
19 KB 19ms
19ms Script
application/javascript 2a02:26f0:11a::217:9a8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=28820081&plc=354472897&sid=6596925&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a8a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 13:17:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Dec 2022 11:38:02 GMT
Server: Microsoft-IIS/10.0
ETag: "096c846714d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19510

GET
H2 200 B28402876.344984901;dc_ver=92.271;sz=160x600;u_sd=1;dc_adk=2114207691;ord=upx8s9;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaimY1xWd3WWrb52rasWTvmTTQbQE3KSVjZaRrAsRWrdUVjW5UenodarYaXx2HfHSG... Show response
ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/ Frame 1547 56 KB
27 KB 85ms
48ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344984901;dc_ver=92.271;sz=160x600;u_sd=1;dc_adk=2114207691;ord=upx8s9;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaimY1xWd3WWrb52rasWTvmTTQbQE3KSVjZaRrAsRWrdUVjW5UenodarYaXx2HfHSGvH4AUZbodXOTdZb6XrvkXUJiXTEmSbYHWUJ2TtrWmbZbmRUjNXqno3E7f5T70maZbFYFFgWHZb1mPYZamG7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVWbjZcV6M5REMQQVZbtQWUO1dbqVPru3VB5XbZbZbTmuv2AQbPmFD2dYOXWBApd2wOFyCx8ubstiRxmeMPmYWUWF3oPE5y6MnntnCViA9ww%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.xscores.com%2F$0;xdt=0;crlt=FKUQTkuYzx;stc=1;chaa=1;sttr=40;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

a94a2d7b13788571f53a1edf1f4c9b85e38cc3b455ee89d06ecad97786878257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 27579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame DDE8 277 B
504 B 237ms
236ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=akmUwfWUYYTtQ5nUJqRF7t1EZbr4abi5aYRnEBCYUJfWWjVoPnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1cr41srMmqJV3rF4WrnBUAU0REMQPVnNQWBs0HvpT6vp2cUVXFZbKT62r5mZb9R6BF2t3p0tBJmWiv3PMP3cMgTsJdUcb8R6FOWdZbWTFnS3FeuWanvWEYcSaJZcRsJZaPUamPH7iUVb54qEmodr0M6UOx9ml3rftdPCxTS&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b824c13d278f1b790024b8318a26f9f66169cb7339c90f25d330a75c5e322764

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441cf5ca49054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 52

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 3440 379 B
555 B 265ms
264ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=almUwfWrb05bEpUavrTEFcSTrIQGJZdQrAvSW3cWsv52UmrotiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1Ufh1TunSFvFUUBQWHJXorbrRUjNXqYs4E7c5T7YoT7IYbBgUWMQmPYZcmc7nmHUG3a3j3Wmt4mJZbpFYZb0Vv0YsF2XG7nnavS5UnRWrFAUPUTPTvQPs3qSH3N0W7sVAvw4sBU0UZbDTBIn2PZaZbrqAGxSX5Va3xlbDrs3&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221a36a8ea26b8426847000fe0ba2a00a8308ee1d4cf51b3f34fdf1f2326075b

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441cf5ca79054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 170

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 48B4 211 B
449 B 164ms
164ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aAmUwfTFfEUAv5Qaj0QcYqSt7wYdBmWP3p3cM5XrQDV6yq2AUeQ6BE3tQt0tBJptTu5mQY5VbeTsQbUcZbgS6JNTHrUTFMR2U2tUqYtTTQlQTJJSsfLQFuoPHMiWGn24U6omtEmYTeu4dYAQcbA4PJZcpWetVdj80rvkYFYfXaiMRUJAWUr1WHv3mrbxPFfNXTUr3a3l5Ev2mq7B1rUfWHMXmnZbKpG65WSTFwAXBQEiFl6gZa5Zd&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78577781db1d3c245393da81e1317a82e7db5b0593add887ac4974bdebe7a9d

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441cf5cad9054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:54 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 54

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FAE 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttpSjiSgMLgNoH5dMCQ2rHIHA9CsMOSYMb9AIVyIEi4nUVg1hhSuzrxE1CVGlr4NFDE7p3pc3JHHUh4Bz-tijBQ2pNU7pyjc-F_vx4wb04umFHJgvTibvxhtpTgzR30--0NxoyBbDYrmwYwKMX6VgH-f6pLax6Tk5EUJEoUTnSHp67gHmeSYIPWLEXMriDkpJJJXjBNIlPhkPlqGDTB8hs94KnLG930Bxf-dlVQBmNpECdbzZHnsu7HUvxdMdNYShMPh681cZ1pVBIGtupVHUzgQJLnonQP4uDKZDcl8fMj-ladBPS5sPvxU9r34GibZOyJht-Ld0wEV5PnhyQ2Ax_M7fa&sai=AMfl-YSHs69mg91ZMo1ORZSys3zF0ejBaFi1M9uzdP8fBNm7TTjlQR-CE2fHmpT_sdnVohRnyNL70DqoKHvuMtRYcdiqm8vx2uosqv9Jw01qJ3pJTYGY6s4KRA7EG22J8XX-&sig=Cg0ArKJSzL2s21ZE_zO0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:54 GMT

GET
DATA 200
OK truncated
/ Frame 6FAE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1d977389d61203d8224ac592fd37b7cc745f67b3f3bebb02d10ac40e0dd5123

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 9042 751 B
720 B 125ms
15ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_973687119123&jsTagObjCallback=__tagObject_callback_973687119123&num=6&ctx=3758893&cmp=28820081&plc=354472897&sid=6596925&advid=&adsrv=&unit=728x90&isdvvid=&uid=973687119123&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=108&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=2&m1=13&noc=4&fcifrms=7&brh=2&fwc=0&fcl=283&flt=25&fec=506&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=163&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DID4%40C6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DID4%40C6D%5D4%40%3ETar9EEADTbpTauTauHHH%5DID4%40C6D%5D4%40%3E&dvp_exetime=8.10&callbackName=__verify_callback_973687119123
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 511f3ce594c53b71fe2a9ebe659b5760538e8f0fa8e996e13ee5e3aa0557e468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 13:17:54 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/03/2023 13:17:54

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 1547 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344984901;dc_ver=92.271;sz=160x600;u_sd=1;dc_adk=2114207691;ord=upx8s9;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaimY1xWd3WWrb52rasWTvmTTQbQE3KSVjZaRrAsRWrdUVjW5UenodarYaXx2HfHSGvH4AUZbodXOTdZb6XrvkXUJiXTEmSbYHWUJ2TtrWmbZbmRUjNXqno3E7f5T70maZbFYFFgWHZb1mPYZamG7modbD5EYh2tZap3AbGmFYZbXGYS1cQY1Gbomaj23UFVWbjZcV6M5REMQQVZbtQWUO1dbqVPru3VB5XbZbZbTmuv2AQbPmFD2dYOXWBApd2wOFyCx8ubstiRxmeMPmYWUWF3oPE5y6MnntnCViA9ww%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.xscores.com%2F$0;xdt=0;crlt=FKUQTkuYzx;stc=1;chaa=1;sttr=40;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:56:50 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1547 106 KB
38 KB 105ms
20ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Jan 2023 21:33:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1547 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 21:33:36 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4358 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 575058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 21:33:36 GMT
expires: Thu, 28 Dec 2023 21:33:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 _680x90_728x90.jpg
ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/ Frame B13A 21 KB
21 KB 22ms
22ms Image
image/jpeg 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/_680x90_728x90.jpg?1626950310391
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/Interwetten/selector/client?client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=&tclk=http://affiliatesys.interwetten.gr/redirect.aspx?pid=1982&bid=8485&redirectURL=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0cecc9a403e88c4966a093e58384636f80897b90d6369c045cf91e115cf9d43e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
last-modified: Thu, 22 Jul 2021 11:44:00 GMT
accept-ranges: bytes
etag: W/"21815-1626954240000"
content-length: 21815
content-type: image/jpeg

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4358 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 11:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 11:05:02 GMT

GET
H2 200 IW_728x90_hintergrund.jpg
ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/ Frame B13A 31 KB
31 KB 483ms
483ms Image
image/jpeg 96.16.144.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/Interwetten/2021/NKB/Lothar/DE/21_IWde_DE_NKB100_HTML_728x90/IW_728x90_hintergrund.jpg?1626950310391
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.144.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-144-106.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5a6507f5b2184bb886fc7fab40237e061a70095eb2848d4966d7d9747dd6d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DE_SB_NKB_2021_IWde_SWI_HTML_728x90&pubhost=www.xscores.com&tclk=http%3A%2F%2Faffiliatesys.interwetten.gr%2Fredirect.aspx%3Fpid%3D1982%26bid%3D8485%26redirectURL%3D&client=Interwetten&placement=AFF_DE_EURO2021_728x90&cxt_aff_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:55 GMT
last-modified: Thu, 22 Jul 2021 11:44:00 GMT
accept-ranges: bytes
etag: W/"31261-1626954240000"
content-length: 31261
content-type: image/jpeg

GET
H2

200

i.match
a.tribalfusion.com/ Frame 48B4
Redirect Chain

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662257301422927&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662257301422927&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-FFfkCTBE2uhs4j3l2mp6lueguFKHGCA-~A

43 B
525 B

162ms
161ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=y-FFfkCTBE2uhs4j3l2mp6lueguFKHGCA-~A
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aAmUwfTFfEUAv5Qaj0QcYqSt7wYdBmWP3p3cM5XrQDV6yq2AUeQ6BE3tQt0tBJptTu5mQY5VbeTsQbUcZbgS6JNTHrUTFMR2U2tUqYtTTQlQTJJSsfLQFuoPHMiWGn24U6omtEmYTeu4dYAQcbA4PJZcpWetVdj80rvkYFYfXaiMRUJAWUr1WHv3mrbxPFfNXTUr3a3l5Ev2mq7B1rUfWHMXmnZbKpG65WSTFwAXBQEiFl6gZa5Zd&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d2d9828ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=y-FFfkCTBE2uhs4j3l2mp6lueguFKHGCA-~A
date: Wed, 04 Jan 2023 13:17:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 9042 0
234 B 25ms
9ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=7f0969d77b30490e86eef07f6d8b6335&vfdur=126&cbust=1672838274628143
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 04 Jan 2023 13:17:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/03/2023 13:17:54

GET
H3 200 tags.js Show response
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ Frame 9042 59 KB
14 KB 180ms
167ms Script
application/x-javascript 2606:4700::6812:ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788e78a6cdcc3c33d2139d288faae5e11a52be02900fa6230308867859053362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14121
x-function: 151
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 84
etag: 8464877699716200285
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 784441d08ce68ffb-FRA
expires: Wed, 04 Jan 2023 14:17:54 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 740D 42 B
64 B 119ms
119ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvicJ4pP_uSxa622NmEjYWe3N2s015eAOS856qgzHFHrHNrFEjJ5PV0OTruDCO5PgH-S8Q9R20yognAy15_cZsG87Fo4dl9zq52bLjktw5e8uTT9DO84CCmybzWGK5ObTiQzOTkAw&sai=AMfl-YQDsz77t6URAKAeQvn5Ba1bFtiIoZZGLueyy2tbPm945WVAmQD8JTokDO58EeDrpH0jpd5RmU-mI_T62Kriph6lzEb9dQfXSO79JvyIiyQUDAl-P1iWuq8lsPYnLA&sig=Cg0ArKJSzLEPUi-MtReXEAE&cid=CAQSOwDq26N9e76hLrXaqJdRWPJbmjsQk97LQI2LBhDrP6Ayz8bcvBs427FFEiLG8UpNlvj8gi4D3F-7AsvNGAEgEw&id=ampim&o=1335,143&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=301&tls=1301&g=100&h=100&tt=1301&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1547 153 KB
47 KB 112ms
112ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:17:54 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1163240558329770775/ Frame F187 6 KB
2 KB 62ms
21ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1163240558329770775/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32ffa0a631dca8367608eabc4b892f1bbd0457df475283e0fd519f927645ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2319
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 09:18:37 GMT
expires: Thu, 04 Jan 2024 09:18:37 GMT
last-modified: Wed, 21 Dec 2022 03:04:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1547 0
0 133ms
57ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvStagd8hlLz5PGvp5U2aRayEEBg5iep9d2PbPKasMnk6AdO4FdkbKh03ndfM9zFvzTmutmUFDqot81_JVmf6vW1CV8t2q_t-1LZO6ZH8YctRpJ8DduOxc__2f_0rI3JyvOgtT_tl00l4LvztBka968F1aOlpZ9zfE&sai=AMfl-YRAwfwRLZPYu-b_mc9c_wmLsPo08TrokqQOm-5BTm8fnEvCCJKvORr6CzxfoqW98vfKMQ4mZn3a-07FFKSfB-E1TwfbCrh-52pw22M3&sig=Cg0ArKJSzCni6vOQ7TjAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=150&cisv=r20221207.77278&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:54 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame DDE8
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=32e06f89-8c32-11e...
https://a.tribalfusion.com/i.match?p=b19&u=32e06f37-8c32-11ed-97f3-10a0cca80306

43 B
630 B

173ms
162ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b19&u=32e06f37-8c32-11ed-97f3-10a0cca80306
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=akmUwfWUYYTtQ5nUJqRF7t1EZbr4abi5aYRnEBCYUJfWWjVoPnBmG3qpdrB3aZbe5duq5PfGnUjGXVnR1cr41srMmqJV3rF4WrnBUAU0REMQPVnNQWBs0HvpT6vp2cUVXFZbKT62r5mZb9R6BF2t3p0tBJmWiv3PMP3cMgTsJdUcb8R6FOWdZbWTFnS3FeuWanvWEYcSaJZcRsJZaPUamPH7iUVb54qEmodr0M6UOx9ml3rftdPCxTS&mediaDataID=9148826&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d1f80c8ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 04 Jan 2023 13:17:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Location: https://a.tribalfusion.com/i.match?p=b19&u=32e06f37-8c32-11ed-97f3-10a0cca80306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 14
Connection: keep-alive
Content-Length: 43

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3440 43 B
304 B 74ms
22ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=almUwfWrb05bEpUavrTEFcSTrIQGJZdQrAvSW3cWsv52UmrotiOYqTM3HvHQGrF26BZbotIyTtYfXrnc1Ufh1TunSFvFUUBQWHJXorbrRUjNXqYs4E7c5T7YoT7IYbBgUWMQmPYZcmc7nmHUG3a3j3Wmt4mJZbpFYZb0Vv0YsF2XG7nnavS5UnRWrFAUPUTPTvQPs3qSH3N0W7sVAvw4sBU0UZbDTBIn2PZaZbrqAGxSX5Va3xlbDrs3&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4358 0
20 B 120ms
119ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMO2Igny1Y5fZHsqV9u8Pn9ymmAUAAAAAOAHgBAI&bg=!wcKlwobNAAYgquz3AKo7ACkAdvg8WvxN-iESDon5YVYBs2lfOeCM3yVNCNvp2BHDR4gL5ZaRDeGGLwIAAAB1UgAAAAJoAQeZAwpNzuFgabEVLRmuBinooz8jFHXzTulnM6AGhnQLFlYh1Y7ucqLm7mmGGxB33Rm8h2PcOOQ2TM_noPPyIh6J4MrhFCOfsfOgyvGE9EqBLxw2jGmu3c44yQdVMAaFc16J6h3vI9gSRXHf29Yis0wBP-uFT-LJcX3FTl3vm7w4MXH6iHybPoIJK8vmG7rJ3sK7O9v3g6dKLcDBEovpg2WV27XaJ-Nl6GNGxc17Jo9OlDYVaRMMK5y6trQ0s0xPg27pdCFElYtkGfow36Whm5nqlD8Vzfa0FIsWttGf5IpzDviOhUevpccfPRlMjC_xvYqUU-qxdRe_RcetWfvR0y9wDMXmxUZcHNnn8usGnfedLDc236137i5I8gT8ow_uKrlb1j77x-EP-b59kBPApVKAtEPkz2EIRiLckmXYd429EfL4eXcBBB9aIJYNJbfF4pkpKSaBAJs8dbBzUC7AoBws7rEhIDn778hct5AK3vs4_vRD5tCG_Zf2NpVBkEXj8NcHGVU8FLMRaXapezVeypjPyszBu4Ro33DXjEri4Jms8ZKErNssYF44Jjc5L-sEcfYkYCcJQXqLMozd1ohNSjy0hTCPVcYiRz-hc0nkvgHWw1hGEQtOcsZAAddBB32Ih0P3NUJma9qw5_V8ZNkZGgj8cUYW6H42qq1hJMwgZ3Z-NgHlpPmp5Zie3yZTamtqx1twpwn7ejtXBI27D8qn3BcZpxERp8u3_-jvRwlBx-0jbobxkAti7Xehf3IiojpHaeis6_d0pHUv57Kaxs6jlKbuwgF2-U_YvOiUpKqCrnCta5wuMLwtRzBD3_cXTIw1maS86Belpnca4ONnICixe-29rdLIwKou0Xv5160rcyIS9vc-1l5RaglQrIxBMaGl4ylc0zrIzkzDm8H021XCk9fDLFliOzMZoNFUY8FD8VwoVeVagBlYaHrE3AZJBQYWkTGnRJOjEH0I2uU5O13Rk7yqIq3vY9_8Wr-FNJn-JRWUhCaiTcwmlMUko5zYu_1luZ4gzP53KdII3mPR47xQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame F187 236 KB
63 KB 131ms
22ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:54 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 04 Jan 2023 13:32:54 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/1163240558329770775/ Frame F187 82 KB
15 KB 21ms
21ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1163240558329770775/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6226883dfc94ab839c2f91e3eba4e812d36512a5a0e1ae2a50021f9964a6be7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15065
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 09:42:12 GMT

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 9042 602 B
1 KB 235ms
235ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8153096748&tagKey=3341591413&loaderVer=0.1&site=contentverification&adSpace=adverificationbackup_dv&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fwww.xscores.com%2F&f=1&p=18194392&tKey=aomneMWmrw4GJ4YrUZbTPmpR9QSQpxZbuZa&a=5&adContainerId=richmedia_6&rnd=18200180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/LivescoresbyXScorescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312c637682273a8a661f9941fd7d8cae7ccc058f9a9a2b35ebeee038c80c82ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 123
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 784441d1a83a9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 479
expires: 0

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/1163240558329770775/ Frame F187 9 KB
9 KB 21ms
21ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1163240558329770775/bg.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c01657ae56c438f2defb6a0d3b0aa533d578eb1c484ff7d7ffeb70fed43c3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:42:12 GMT
x-content-type-options: nosniff
age: 12942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8834
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 09:42:12 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1547 0
0 97ms
55ms Fetch
image/gif 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvStagd8hlLz5PGvp5U2aRayEEBg5iep9d2PbPKasMnk6AdO4FdkbKh03ndfM9zFvzTmutmUFDqot81_JVmf6vW1CV8t2q_t-1LZO6ZH8YctRpJ8DduOxc__2f_0rI3JyvOgtT_tl00l4LvztBka968F1aOlpZ9zfE&sai=AMfl-YRAwfwRLZPYu-b_mc9c_wmLsPo08TrokqQOm-5BTm8fnEvCCJKvORr6CzxfoqW98vfKMQ4mZn3a-07FFKSfB-E1TwfbCrh-52pw22M3&sig=Cg0ArKJSzCni6vOQ7TjAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&vt=11&dtpt=227&dett=3&cstd=150&cisv=r20221207.77278&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:55 GMT

GET
H3 200 imageA2.jpg
s0.2mdn.net/sadbundle/1163240558329770775/ Frame F187 52 KB
52 KB 20ms
20ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1163240558329770775/imageA2.jpg

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b8ad56d1d4e22dba3ee5f7d21111fa5b14c3c69d4bb2cb4ffee22d3862d50d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:42:12 GMT
x-content-type-options: nosniff
age: 12942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53296
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 09:42:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF2F 42 B
64 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnJZtlh-N2Xi600IcOgPcBPIfn4ltbREomMJxHrHG-hKCpUW08evMrOOrZ6Ch7C5JcX5y0qxWbyLu4ox96Ib-5qjqGMMcL4ALYzHZhBpeLL1z5tIfM&sig=Cg0ArKJSzAw3OPGk3KuJEAE&id=lidar2&mcvt=1000&p=743,436,833,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2259562403&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672838273346&rpt=604&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 imageA3.jpg
s0.2mdn.net/sadbundle/1163240558329770775/ Frame F187 47 KB
47 KB 23ms
23ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1163240558329770775/imageA3.jpg

Requested by

Host: www.xscores.com
URL: https://www.xscores.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf83cef3b7b9352ab261c6ba4202e97f7fc55c093b1fd2ef781a7ef91ef75cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1163240558329770775/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:42:13 GMT
x-content-type-options: nosniff
age: 12942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48106
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 03:04:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 09:42:13 GMT

GET
H3 200 adc_ndr_nepal_728x90.gif
cdnx.tribalfusion.com/media/5268406/ Frame 9042 25 KB
25 KB 16ms
16ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/5268406/adc_ndr_nepal_728x90.gif
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: HIT
age: 27688
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25604
x-function: 301
last-modified: Wed, 03 Jun 2015 15:22:10 GMT
server: cloudflare
etag: 1433344930
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 784441d31a799054-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 8EE4 262 B
492 B 220ms
220ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aUmV8E5EUh5ten5mrZbmbUZb0GQVXVJ31VBnmEFT3rY2TU7AUPvTQEY5PGQrQWUyYdnoVmrp2VJWXFULVm2o56BaQAJD4HZbM1dBZdpdey36YY5s3cUV3bVVMhP6rnTdZb4WrZbX3baqVqjpVqFbSTUZdRVjZdRravSt3bWVUV2FqqndeyYEyn2dbFSGjZa4AJZamdiyUHfd0Uv7XrYf0TqpRb3ZcWF34Vdn4mFFxRUrN1EFtXqJa27EyQ6ZaivPURAR83MB&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9a887bf04873c8dc786fdb1e63e06fd932f2788ab8d14c0d07640010c5363f

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a849054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 52

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 6FF8 273 B
497 B 165ms
164ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aVmUwfSGjG2mQZamtArTWB80b39XUjf1aZaMSrrHUr3STdYYobJxQUJmXaYq5TUj2qfXmEjIYU3hUWbPoAYJmsjspd3B3qZb92Hmn3AZbIprMEYsrPYGv01svwpTb43FQ5VUnHWPQ1Qab0ScnoQWFv1WvnWPUu4GM20F3DT6im2PUePPMH4Wvn0W3Cndeo5m3Y4cM9VVBcVGbiRmYxWdF3WrMP3TupUqi2pAq9sPTb5bZbvgZcNZba6&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b47c82f71b00acfdc66f8ddbf6c423b79616d8f5f30de08aa6ec8460ca6aade

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a859054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 290

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame FAB4 307 B
524 B 165ms
165ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aWmUwfXWYKpdEx3mQU5cY9VcFdVGBeS6MoTtvWUU7P5rZasUarvWTr7Pq3ZbSVQLRbmpRWniWsj34UupodEtYEaO3HQHQVrZc5AJImdioVWJhYUvbXbbg1TqsPbUZbUFUPVdJ4mb7qQrrr1Evp5qFe4E71naZbD1Ff6WWjXmPfLpGvwotfE5EBg3tum46ZbGnbvEYVvS1VZb31c7OnqbW5UF2TFnZcWnF5REaqqomnspAUWEbDgkjCh9&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 302413f255a856fa0b7d20c08eb423008caf60984d55d048581b4b7194b1740b

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a869054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 58

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 44EC 257 B
488 B 162ms
162ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aXmUwf5teq3A7ZanUQGYc7S1cU31sZbMpaB42FvVVbjZcUPn0RTMQPcnpPWJM1WvnTmjv2cQUXrFBT6qo2PM6QPnG3tvt0tBCmW2M36rW3srgTGYaWGbhS6FvWdY3UbfS3r2nWa3sWqJaSTMKSsBZcPUumStQdUcYV2Umxmtqr0qmp2WbCSG7A46YLodiyTHZbhYrvd1bQe1EipRFUEWUBSTtJWmErmRUq1yPumuPAERWMfeYhGI1&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74170df6f7e911f514014b731654b91a37f73e63bac0841f55d5ee9a463f3fb1

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a879054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 65

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 5CBC 199 B
442 B 167ms
167ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aYmUwf2mQZbmdArVHBc0rbd1UflXqApRrnZbTFMYVWUWobBrRFjNXEvo4qJi4E71oErCYbFfUdr0mPnJpGQoptbF2avf3tmy4mvJprQK0Gn0XVQ4XsJMmavU5UY2VUbZbWP73PTU4PGZbsStfw1WfqVAbw3Gn40bnKV6yw4AZb8R6bK2dZboXWnZbmHaM3mrY5cngUsYaUVrfSm3yUHYTWrMP5b2uWFJoTTIKqAyJqRE82GaClYOBbU&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2eebcf367bba45b0ef7722b742b7fc777a8577ee0ae017ee35da322c78dbe66

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a8b9054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 112

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame F026 240 B
457 B 214ms
214ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a0mUwfpdEu36YR5srfVVMaUcBgRmrmTdM3TbB03FAuUaMtTEQlPTMLRsZbKPUumPWfcWGr54bevmtit0qXx3WfDPcBE5AJFpWXpVWbb0bnkYUZbjXqimSUJGWU3SVd3TmbQoPFFnXaFt3Tfh4En4mqMBXFb8WtBQoPvBnV7mmHnJ3qZbi5tZar4PZbZcpbQEXVr0XsU5Xsnwmq7P3rYUTFnZcUA7TPrB0ScZaXq9evypiX0SvIecaDg0&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513d282e2ea5b31d712c51b824be9505d93b859159d08e26595c92ea9c79f4b3

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a8e9054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 117

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 4D2D 300 B
518 B 218ms
218ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a1mUwf3A7ZaprMZcXc3QXcM5XGZbpmanU3FM2WUZbEW6MTRTr5SsUMPtfx0WbmVAbw4cJ5XF3DTPau4AU6R6ZbC3dBp1trImt2m4PBV3sYaVcQjVV7kRPnMTWFVWr7P3rIxWajmVEv6PqBZcQVjZbPUerRd7bVcUT2r2ootaOXaev4dMZdQsrB2mMEoWepUtbhXrrkXFJgXTysSFQDUr30TtJWorQxPaQr1EEYwAeev6qoyd7pgBUU0Zc&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adff4b1f3a190d08f08a3fa52fad4599d349bc85a6b9539138e0476f49d1405f

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a919054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 60

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame DBC6 322 B
533 B 215ms
215ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a2mUwfmdAsVWJ9XbQ9XFUgXaZamRrYETFvSWdr3mUZbxRFbm1T3y4Tfg5EM0mqMB1b39UWjXm67DnVvomHYB2qBj2WEs46vEmFbL0G3T1c3V0GJumq7T2bFWTFjZcWPrWPTbXQsMoPWUNYtFtVArO2VB2YbMIVAPp2A3ePmMA4WUO0dBZbpdaM56rV5VYgTsUjVsjhP6ZbvTH3SUU7Y5b2uUqjvVbjaSTA6sCiZctnjY4qMWgi851P&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4632d2b022177296c064744f1f91399baf42b20c374ea34e364efb59fe8c5a15

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a979054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 264

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 675D 445 B
586 B 165ms
164ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a3mUwf36YS3sr6TsMaVGBhPPnnTHQRTFFP2r6oWTnvTEY7SEYFRVjZaQUanRH7bUGjU4UmxmHyMXamx4dUHPsvA5PMZdpdXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrtYTrp4qUl2a33mqjEYUU6TtZbSomUIpVnwoWfD5EU73Hmp3AZbKnbjIYs30YsYV1VfupanU2r3RVbjHUA7TREbQQWfsStTPN9EqnamSPF3klmZcVkq&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: www.xscores.com
URL: https://www.xscores.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29016cb89d023a202d69a898e0e8080e63998a400edbd281233f6f0cc0ec3d8d

Request headers

Referer: https://www.xscores.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 784441d32a989054-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 13:17:55 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 192

GET
DATA 200
OK truncated
/ Frame 9042 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53006077baf39fc60073c294987659d314e89d1a6dad48918d7520e7c2b5f044

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9042 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssL6wYh8f0uGRqVsbfRFuuMRGGpioD-sA48LZdUAuDS-NrMjCFixWmVu_HSgVG-bWx-Ng3uAsut1hjPRYkXhs60cz83PokVAjZov_rPbmfeq3g97x0RAGp08FVWr00fiP3FoXCs7LCSI8y3j9uJIEV8x3Oe5had1kWrXI-joLDOFlLGScWl7rxc5XO9NOojn2aUpz1tx2etS4kNC2CB27noJ-5QBWVgLPoF1Y16BpDHIVRVwBJ3RUkve--oe_dholR78WejMlxfiVfC5wtJPVbI2DQBp_XJK0N9er15lBmE4QpBHVD20ynGj3dx6OhvmnwENiiZI8uX_abPzI-H0BtBHA&sai=AMfl-YQRTClMiDz5GpJKwMN7-hgNkeMv1PoiWGTS_eJrgSwFwqyVrOnaHmq9AMWj4d51n1lrSxrBsFAcfKUvWblHCY9J-B0itH7EGgKx2zlWICgtKXeotWFb1m7IKfDPW9hB&sig=Cg0ArKJSzJGryFR_OeE6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Jan 2023 13:17:55 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 44EC
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662257301422927&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
762 B

168ms
166ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aXmUwf5teq3A7ZanUQGYc7S1cU31sZbMpaB42FvVVbjZcUPn0RTMQPcnpPWJM1WvnTmjv2cQUXrFBT6qo2PM6QPnG3tvt0tBCmW2M36rW3srgTGYaWGbhS6FvWdY3UbfS3r2nWa3sWqJaSTMKSsBZcPUumStQdUcYV2Umxmtqr0qmp2WbCSG7A46YLodiyTHZbhYrvd1bQe1EipRFUEWUBSTtJWmErmRUq1yPumuPAERWMfeYhGI1&mediaDataID=2713736&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d5de839054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date: Wed, 04 Jan 2023 13:17:55 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

i.match
a.tribalfusion.com/ Frame 6FF8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662257301422927&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662257301422927&C=1
https://a.tribalfusion.com/i.match?p=b20&u=Y7V8g5F4ryzFjW5B-5vrUQAA

43 B
732 B

168ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=Y7V8g5F4ryzFjW5B-5vrUQAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aVmUwfSGjG2mQZamtArTWB80b39XUjf1aZaMSrrHUr3STdYYobJxQUJmXaYq5TUj2qfXmEjIYU3hUWbPoAYJmsjspd3B3qZb92Hmn3AZbIprMEYsrPYGv01svwpTb43FQ5VUnHWPQ1Qab0ScnoQWFv1WvnWPUu4GM20F3DT6im2PUePPMH4Wvn0W3Cndeo5m3Y4cM9VVBcVGbiRmYxWdF3WrMP3TupUqi2pAq9sPTb5bZbvgZcNZba6&mediaDataID=6530936&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d51d729054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Jan 2023 13:17:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://a.tribalfusion.com/i.match?p=b20&u=Y7V8g5F4ryzFjW5B-5vrUQAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame FAB4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662257301422927&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662257301422927

0
123 B

91ms
19ms

Image
text/plain

188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662257301422927

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aWmUwfXWYKpdEx3mQU5cY9VcFdVGBeS6MoTtvWUU7P5rZasUarvWTr7Pq3ZbSVQLRbmpRWniWsj34UupodEtYEaO3HQHQVrZc5AJImdioVWJhYUvbXbbg1TqsPbUZbUFUPVdJ4mb7qQrrr1Evp5qFe4E71naZbD1Ff6WWjXmPfLpGvwotfE5EBg3tum46ZbGnbvEYVvS1VZb31c7OnqbW5UF2TFnZcWnF5REaqqomnspAUWEbDgkjCh9&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-4wqvp
date: Wed, 04 Jan 2023 13:17:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 158
content-type: text/html
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662257301422927
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d46c6f9054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 5CBC
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662257301422927
https://a.tribalfusion.com/i.match?p=b23&u=217023104386002182734

43 B
742 B

170ms
169ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=217023104386002182734
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aYmUwf2mQZbmdArVHBc0rbd1UflXqApRrnZbTFMYVWUWobBrRFjNXEvo4qJi4E71oErCYbFfUdr0mPnJpGQoptbF2avf3tmy4mvJprQK0Gn0XVQ4XsJMmavU5UY2VUbZbWP73PTU4PGZbsStfw1WfqVAbw3Gn40bnKV6yw4AZb8R6bK2dZboXWnZbmHaM3mrY5cngUsYaUVrfSm3yUHYTWrMP5b2uWFJoTTIKqAyJqRE82GaClYOBbU&mediaDataID=7665496&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d4fd539054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://a.tribalfusion.com/i.match?p=b23&u=217023104386002182734
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H3

200

i.match
a.tribalfusion.com/ Frame 675D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622573...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622573...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662257301422927&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=8BA12CE6-22FA-4A8F-9420-4CCFD2F15DF4

43 B
740 B

168ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=8BA12CE6-22FA-4A8F-9420-4CCFD2F15DF4
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a3mUwf36YS3sr6TsMaVGBhPPnnTHQRTFFP2r6oWTnvTEY7SEYFRVjZaQUanRH7bUGjU4UmxmHyMXamx4dUHPsvA5PMZdpdXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrtYTrp4qUl2a33mqjEYUU6TtZbSomUIpVnwoWfD5EU73Hmp3AZbKnbjIYs30YsYV1VfupanU2r3RVbjHUA7TREbQQWfsStTPN9EqnamSPF3klmZcVkq&mediaDataID=6719746&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d56de99054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=8BA12CE6-22FA-4A8F-9420-4CCFD2F15DF4
date: Wed, 04 Jan 2023 13:17:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

i.match
a.tribalfusion.com/ Frame F026
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662257301422927
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEItACyJOGFdTCmUHG89iyWo&google_cver=1&google_ula=2786954,0

43 B
738 B

187ms
186ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEItACyJOGFdTCmUHG89iyWo&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a0mUwfpdEu36YR5srfVVMaUcBgRmrmTdM3TbB03FAuUaMtTEQlPTMLRsZbKPUumPWfcWGr54bevmtit0qXx3WfDPcBE5AJFpWXpVWbb0bnkYUZbjXqimSUJGWU3SVd3TmbQoPFFnXaFt3Tfh4En4mqMBXFb8WtBQoPvBnV7mmHnJ3qZbi5tZar4PZbZcpbQEXVr0XsU5Xsnwmq7P3rYUTFnZcUA7TPrB0ScZaXq9evypiX0SvIecaDg0&mediaDataID=4056396&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d56df69054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEItACyJOGFdTCmUHG89iyWo&google_cver=1&google_ula=2786954,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 8EE4
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662257301422927&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=26029760435081225763880393193622045245

43 B
793 B

167ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=26029760435081225763880393193622045245
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aUmV8E5EUh5ten5mrZbmbUZb0GQVXVJ31VBnmEFT3rY2TU7AUPvTQEY5PGQrQWUyYdnoVmrp2VJWXFULVm2o56BaQAJD4HZbM1dBZdpdey36YY5s3cUV3bVVMhP6rnTdZb4WrZbX3baqVqjpVqFbSTUZdRVjZdRravSt3bWVUV2FqqndeyYEyn2dbFSGjZa4AJZamdiyUHfd0Uv7XrYf0TqpRb3ZcWF34Vdn4mFFxRUrN1EFtXqJa27EyQ6ZaivPURAR83MB&mediaDataID=5578346&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d8db569054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: LKKntkpTSpI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=26029760435081225763880393193622045245
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame DBC6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662257301422927&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662257301422927&expires=180

0
239 B

76ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662257301422927&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a2mUwfmdAsVWJ9XbQ9XFUgXaZamRrYETFvSWdr3mUZbxRFbm1T3y4Tfg5EM0mqMB1b39UWjXm67DnVvomHYB2qBj2WEs46vEmFbL0G3T1c3V0GJumq7T2bFWTFjZcWPrWPTbXQsMoPWUNYtFtVArO2VB2YbMIVAPp2A3ePmMA4WUO0dBZbpdaM56rV5VYgTsUjVsjhP6ZbvTH3SUU7Y5b2uUqjvVbjaSTA6sCiZctnjY4qMWgi851P&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 939
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662257301422927&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d4acd19054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 4D2D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662257301422927&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662257301422927

0
339 B

154ms
29ms

Image
text/plain

52.208.157.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662257301422927
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a1mUwf3A7ZaprMZcXc3QXcM5XGZbpmanU3FM2WUZbEW6MTRTr5SsUMPtfx0WbmVAbw4cJ5XF3DTPau4AU6R6ZbC3dBp1trImt2m4PBV3sYaVcQjVV7kRPnMTWFVWr7P3rIxWajmVEv6PqBZcQVjZbPUerRd7bVcUT2r2ootaOXaev4dMZdQsrB2mMEoWepUtbhXrrkXFJgXTysSFQDUr30TtJWorQxPaQr1EEYwAeev6qoyd7pgBUU0Zc&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 52.208.157.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-157-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Wed, 04 Jan 2023 13:17:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1672838275
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 64
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662257301422927
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784441d4acd49054-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FAE 42 B
64 B 109ms
108ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8_Kt5c2m-_p2lj4uIQa-lD4_y7PkiwKNiOT-MfjDTBRK0vlWVgGncaFAkr2RHpE4mPX2knRRXwfJjv43tyKCNXHspPczlugDhGHjMl9siOC-MCPoS&sig=Cg0ArKJSzFLGXkxp4aOsEAE&id=lidar2&mcvt=1007&p=143,105,747,265&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=517810145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672838273357&rpt=1116&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1547 42 B
64 B 108ms
107ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyD-kPGJwd0bTbhw6WwLlAU3S7P5Pgv2lvVlg4qiEs77RkleqPO1FeW7g2IhDk2Nv4VxvJMoUhu4pgUuJZrSMz8BrxROaJ&sig=Cg0ArKJSzO20PJSNa1ZwEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2114207691&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672838274436&rpt=414&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9042 42 B
64 B 109ms
108ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvg57i4Y9PekIYkn11AfNQcPEiCCEP8WBPN0VTTw3Kc_5nwnYq8ObN4H20Hulh_r0QlvT4xQkf8114W1QakydLuDX8hG2YPYsPrDvZm0u_QzIiEWjZQ&sig=Cg0ArKJSzDrzRzfiYmceEAE&id=lidar2&mcvt=1001&p=5,436,99,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=938601209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672838273333&rpt=1752&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 13:17:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 9042 513 B
793 B 22ms
21ms Image
image/png 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:56 GMT
cf-cache-status: HIT
age: 80973
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 513
x-function: 301
last-modified: Wed, 10 Aug 2022 06:59:18 GMT
server: cloudflare
etag: 1660114758
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 784441db2f179054-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 9042 2 KB
2 KB 35ms
35ms Image
image/png 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xscores.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:17:56 GMT
cf-cache-status: HIT
age: 71028
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1608
x-function: 301
last-modified: Wed, 10 Aug 2022 06:59:18 GMT
server: cloudflare
etag: 1660114758
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 784441db2f1a9054-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xscores.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: D0FCFFFF1103AB26BA1A1509B69B18CC
www.xscores.com/	1970-01-20 08:40:59	Name: countryLocation Value: DE
www.xscores.com/	1970-01-20 17:26:14	Name: cookiebar Value: displayed
.xscores.com/	1970-01-20 18:16:38	Name: _ga Value: GA1.2.297026340.1672838272
.xscores.com/	1970-01-20 08:42:04	Name: _gid Value: GA1.2.1536028946.1672838272
.xscores.com/	1970-01-20 08:40:38	Name: _gat Value: 1
.xscores.com/	1970-01-20 18:02:14	Name: __gads Value: ID=1257c052dd3300c3:T=1672838271:S=ALNI_MY3uw1vLzIdfz6VQfABEVWukBOhaA
.xscores.com/	1970-01-20 18:02:14	Name: __gpi Value: UID=00000b9d2657b403:T=1672838271:RT=1672838271:S=ALNI_MaOgSdlEBzlnfGGbJj_eTYoOlXsxQ
.doubleclick.net/	1970-01-20 18:02:14	Name: IDE Value: AHWqTUkdDXE0a4wikMKXOhs2Lfcp_RypnH48pUysvWotKMPbPc9jvClWu5xlAsijSgM
.interwetten.com/	1970-01-20 18:16:38	Name: NetRefer_CookieUniTrack_V Value: %5b%7b%22PID%22%3a1982%2c%22BID%22%3a8485%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1672838273881)%5c%2f%22%2c%22CookieTag%22%3a%22848519824112101C2023141317%22%7d%5d
.connextra.com/	1970-01-20 17:26:14	Name: CxtId Value: 568b52f9-76ec-484c-9352-10cc6e4ca602
.connextra.com/	1970-01-20 17:26:14	Name: Interwetten Value: A%7Cpostimpression%7C1%7C202301041317%7C9%7CAFF_DE_EURO2021_728x90%7CDE_SB_NKB_2021_IWde_SWI_HTML_728x90%7C%7C%7C7IKdgxbtQd2sFppTPKFwPA
.spotxchange.com/	1970-01-20 09:20:57	Name: audience Value: 32e06f37-8c32-11ed-97f3-10a0cca80306
.yahoo.com/	1970-01-20 17:26:35	Name: A3 Value: d=AQABBIJ8tWMCECSh2qdjU6QSvA1WhVdW3igFEgEBAQHOtmO_YwAAAAAA_eMAAA&S=AQAAAkeJKjcC4ggdN8bkZxLChIA
.analytics.yahoo.com/	1970-01-20 17:26:14	Name: IDSYNC Value: 18gs~298d
.pubmatic.com/	1970-01-20 08:42:04	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 17:26:14	Name: KADUSERCOOKIE Value: 8BA12CE6-22FA-4A8F-9420-4CCFD2F15DF4
.agkn.com/	1970-01-20 17:26:14	Name: ab Value: 0001%3Asu6NZoyj4%2BHErMnNRFBKreNwbV7PCeUx
.casalemedia.com/	1970-01-20 17:26:14	Name: CMID Value: Y7V8g5F4ryzFjW5B-5vrUQAA
.casalemedia.com/	1970-01-20 10:50:14	Name: CMPS Value: 1102
.casalemedia.com/	1970-01-20 10:50:14	Name: CMPRO Value: 1102
.pubmatic.com/	1970-01-20 09:23:50	Name: KRTBCOOKIE_1051 Value: 22884-18072662257301422927
.pubmatic.com/	1970-01-20 09:23:50	Name: PugT Value: 1672838274
.bluekai.com/	1970-01-20 13:01:16	Name: bku Value: CH999/BX+V1bTrx3
.bluekai.com/	1970-01-20 13:01:16	Name: bkpa Value: KJy9qQYHd02pSUHknpx01MAdSVx21EQyBp/tBM/0BEzp1eW61M/81MzZzZPASU/2ScH6zc1k16Wk1ARk1AjCn7H0SVJCqsjNztkFqi8Mqt6k1AjonZNC5sBGJEBszYDpHs/pJE/t5uDpHYD0Ba2YuN2PPDkW9yewwHd0
.krxd.net/	1970-01-20 12:59:50	Name: _kuid_ Value: PTG8pByZ
.tribalfusion.com/	1970-01-20 10:50:14	Name: ANON_ID Value: aAnQwvqO2cfU2OqnvlbZdxiGe3CrCa87tOYVWMP2WQD0kZbRegyOig6AGZaTUusbejhheChliRN7uu0EadPsEPfY92GXeJiuyu2AB7CUFN1aT0hCsHbZaKZcniAVJZawxkU28xiPfsgnqjZccZbdDSLGPuoa3Dy3bOxY9ZayHnaZdoBxDlRfn56lJEqpPjZbTyZbS01qZbFWx0WHi

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 111) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5470d64aa34e1c47c445da06338616a3.safeframe.googlesyndication.com
a.tribalfusion.com
a4.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
affiliatesys.interwetten.com
ajax.googleapis.com
beacon.krxd.net
cdn.ampproject.org
cdn.doubleverify.com
cdnx.tribalfusion.com
cm.g.doubleclick.net
code.createjs.com
dpm.demdex.net
dsum-sec.casalemedia.com
extreme-ip-lookup.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.connextra.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.xscores.com
xscores.com
104.18.12.14
109.236.91.3
142.250.180.226
142.250.185.134
142.250.201.194
176.9.34.173
18.198.164.240
185.64.189.110
185.64.189.115
185.80.39.216
185.94.180.125
188.65.124.66
195.201.128.7
2001:4860:4802:32::178
2606:4700::6812:18ad
2606:4700::6812:ddb
2a00:1450:4001:801::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:400c:c06::9c
2a00:1450:400d:803::2006
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2008
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2001
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::2002
2a02:26f0:11a::217:9a8a
2a02:26f0:3500:11::215:14dc
2a02:26f0:6c00::210:bac0
3.126.56.137
34.149.12.213
34.98.64.218
52.208.157.7
52.50.220.58
69.173.144.165
69.192.160.219
96.16.144.106
04fc8a54f49993b1ec621ff6a5e07354952566f83d397f41b34ac68ffdd79811
09e2cde841d20eb7a050856760dc680b5643fa8c1c5068b4c271969b087a31f9
0b2183fee2e5f7dc4b4b0caed38102dd6fd22145d8e8ebf7459919e5ce3484e0
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
0cecc9a403e88c4966a093e58384636f80897b90d6369c045cf91e115cf9d43e
0d7a118bfb318d490e11513e33ab5987792f8a034c036f95be4d51c1d59326ca
0fb78ab6edaa1856259461519a4970a5dfb0ada10c46f3f5029c5e5cbed9e8b6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d895af5c6bdee70d72b67ceb2f53495dbe9382a614e179371e61b0a94e3ed27
221a36a8ea26b8426847000fe0ba2a00a8308ee1d4cf51b3f34fdf1f2326075b
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
29016cb89d023a202d69a898e0e8080e63998a400edbd281233f6f0cc0ec3d8d
2b47c82f71b00acfdc66f8ddbf6c423b79616d8f5f30de08aa6ec8460ca6aade
2c01657ae56c438f2defb6a0d3b0aa533d578eb1c484ff7d7ffeb70fed43c3d9
2cd5d4ec27efd3b78be46074e908cdae1f7b6fdd9c4b09e5613be6473e8a7fbb
302413f255a856fa0b7d20c08eb423008caf60984d55d048581b4b7194b1740b
312c637682273a8a661f9941fd7d8cae7ccc058f9a9a2b35ebeee038c80c82ac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38a48e47b475a766c44799a882ea41baa48273087bfbb708063fc3cf61965794
3b643dfe54d43b150b4e41b81aced56c4322a7c4c081483777c20ce15798bd68
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
4632d2b022177296c064744f1f91399baf42b20c374ea34e364efb59fe8c5a15
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213
4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa
4b8627a66dc1214cc828e7554cfce628fd7e287fb90d10596cc7a542a0b77717
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb5e2957e56de42e571ef78aefe8acca2518d9035612896ac8c8185bbf86894
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511f3ce594c53b71fe2a9ebe659b5760538e8f0fa8e996e13ee5e3aa0557e468
513d282e2ea5b31d712c51b824be9505d93b859159d08e26595c92ea9c79f4b3
53006077baf39fc60073c294987659d314e89d1a6dad48918d7520e7c2b5f044
55952431c4aaff28a5e805fc8ab9aa18ddaa3bce69f1c55793e449b508f0d4db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57924c930348d111e0e217f84872ee5470f49ae2a30aff2b7d9f5fade1a2e0fe
57f031cf2b8305844b9744296d7de36c01f5e53e2d2ef61198cb641b2ee0b34f
5b8ad56d1d4e22dba3ee5f7d21111fa5b14c3c69d4bb2cb4ffee22d3862d50d1
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226883dfc94ab839c2f91e3eba4e812d36512a5a0e1ae2a50021f9964a6be7c
6282c106a3f19f0225f74e66e53ba4e468fdf86bcc80c9ffa7efbf91a4ed1849
641ff06cb9a0fa47fd9c40779d2c65cc836c05bb12b679ae59e86803dd81bf44
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
74170df6f7e911f514014b731654b91a37f73e63bac0841f55d5ee9a463f3fb1
788e78a6cdcc3c33d2139d288faae5e11a52be02900fa6230308867859053362
7bc7443e12f0c6ac90dc11455835608b5ca6f4b96fd8bf091ccbf2999e7afbf9
7e2d45fa140f6240dc23d273d6cccaf61639819f77bc027e733a8b1db90bcc39
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80271754c60af1d6768c448b145131cecd30913b15fc3e363d52a5cc3737a3cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
982f6727aa2fdb0cd453fa35a27ae5b97216e195443aaf2d5d21f83311b83135
9985ce069228442c8d25e513cc3e181fd2e5cd600f7103d793d4ac7267dd8d3b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a41fd753285dab05bc5ccd15cf23f44ec9c00a81c3a58db161816621875d3459
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a94a2d7b13788571f53a1edf1f4c9b85e38cc3b455ee89d06ecad97786878257
a9e5066fc66528c496cbe35fb7df215e3ffb26ad7fe74ef207a14935aa5a5375
adf379f80ce276b9dc4030667cf06a2b68c7bc10908a9cc4d492b8b96aa15997
adff4b1f3a190d08f08a3fa52fad4599d349bc85a6b9539138e0476f49d1405f
aead5e8d42441f9f2d8270a1d1c0d4101b7d0d1b1874fa20b90b628606faa0c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1afa58ba922a027077434c3c3d3aaa70dc9c5882d273c3de0ea7fc97663398e
b245c431e6569826e79c97d269a24d1a367fdc1b0f773e6f86da54a8e8bfb066
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b824c13d278f1b790024b8318a26f9f66169cb7339c90f25d330a75c5e322764
ba9a887bf04873c8dc786fdb1e63e06fd932f2788ab8d14c0d07640010c5363f
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c
c1d977389d61203d8224ac592fd37b7cc745f67b3f3bebb02d10ac40e0dd5123
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
cf83cef3b7b9352ab261c6ba4202e97f7fc55c093b1fd2ef781a7ef91ef75cae
d32ffa0a631dca8367608eabc4b892f1bbd0457df475283e0fd519f927645ff4
d5299ea507fd5eb7d812f8e182900512abcc20e03e9c3ce496ff9e6555184257
d640896cce366cd04e49e772ff67aa65bda3709ac95f7d7b273ccc31617b4a3b
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
dee15017d1842b24ead7034d3466aae2e072ac71be529e00ab8fcd876e4d1270
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3af54006103468bdacbce80cc404c9225fb57bdfb718c91d23dfaff116849a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5254992d29b548bc6b934ba3c3b6f07ae9da486e9a09289d8d48a894a41953a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e78577781db1d3c245393da81e1317a82e7db5b0593add887ac4974bdebe7a9d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82
f2eebcf367bba45b0ef7722b742b7fc777a8577ee0ae017ee35da322c78dbe66
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f5a6507f5b2184bb886fc7fab40237e061a70095eb2848d4966d7d9747dd6d96
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8917df2e8cde1e6a0f4050a2223786b329402d0a33ce4efbd92491b53bb2a21
f92c8e68b176ac57a1a248e0440d4fc09ac02953ffb095e0f1c8a89d65ea1ec8
fccbc9fc071f43a50a96ffb7fd285f802365e44ade74d69ca587631dff22c656

www.xscores.com Open in urlscan Pro 195.201.128.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

92 %HTTPS

52 %IPv6

31 Domains

48 Subdomains

35 IPs

10 Countries

1791 kBTransfer

4294 kBSize

27 Cookies

50 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xscores.com Open in urlscan Pro
195.201.128.7 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

92 %
HTTPS

52 %
IPv6

31
Domains

48
Subdomains

35
IPs

10
Countries

1791 kB
Transfer

4294 kB
Size

27
Cookies

144 HTTP transactions
5 data transactions