ar.hes-goals.io Open in urlscan Pro
104.21.16.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ar.hes-goals.io/
Effective URL:
https://ar.hes-goals.io/
Submission: On September 23 via manual (September 23rd 2024, 5:38:16 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 104.21.16.40, located in and belongs to CLOUDFLARENET, US. The main domain is ar.hes-goals.io.
TLS certificate: Issued by WE1 on September 1st 2024. Valid for: 3 months.

This is the only time ar.hes-goals.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.21.16.40 104.21.16.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.200.199.110 109.200.199.110	49544 (I3DNET) (I3DNET)
3	109.200.209.143 109.200.209.143	49544 (I3DNET) (I3DNET)
1	2a00:1d26:c77... 2a00:1d26:c771::11	49544 (I3DNET) (I3DNET)
1	2a01:9580:477... 2a01:9580:4771::12	49544 (I3DNET) (I3DNET)
1	5.200.15.242 5.200.15.242	49544 (I3DNET) (I3DNET)
12	7

6 104.21.16.40 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ar.hes-goals.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.200.199.110 (Settimo Milanese, Italy)

ASN49544 (I3DNET, NL)

richinfo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.200.209.143 (Newark, United States)

ASN49544 (I3DNET, NL)

7ool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1d26:c771::11 (Newark, United States)

ASN49544 (I3DNET, NL)

us.convers.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:9580:4771::12 (Settimo Milanese, Italy)

ASN49544 (I3DNET, NL)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.15.242 (Rotterdam, Netherlands)

ASN49544 (I3DNET, NL)

8961.xml.4armn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hes-goals.io 1 redirects ar.hes-goals.io	30 KB
3	7ool.net 7ool.net — Cisco Umbrella Rank: 265325	45 KB
1	4armn.com 8961.xml.4armn.com	77 B
1	adx1.com cdn.adx1.com — Cisco Umbrella Rank: 78303	446 B
1	convers.link us.convers.link — Cisco Umbrella Rank: 362803	316 B
1	richinfo.co richinfo.co — Cisco Umbrella Rank: 210356	23 KB
12	6

	Domain	Requested by
6	ar.hes-goals.io	1 redirects ar.hes-goals.io
3	7ool.net	richinfo.co
1	8961.xml.4armn.com	7ool.net
1	cdn.adx1.com	richinfo.co
1	us.convers.link	richinfo.co
1	richinfo.co	ar.hes-goals.io
12	6

This site contains no links.

Subject Issuer	Validity	Valid
hes-goals.io WE1	`2024-09-01` - `2024-11-30`	3 months	crt.sh
richinfo.co R10	`2024-09-22` - `2024-12-21`	3 months	crt.sh
7ool.net R10	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.convers.link R11	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.adx1.com R10	`2024-07-26` - `2024-10-24`	3 months	crt.sh
8961.xml.4armn.com R10	`2024-09-06` - `2024-12-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ar.hes-goals.io/
Frame ID: F2B4D8ACE56354401FC45EF017C7BBAE
Requests: 20 HTTP requests in this frame

Frame: https://ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: A70B804D778F66A336C164CF377820BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Hesgoal

Page URL History Show full URLs

http://ar.hes-goals.io/ HTTP 307
https://ar.hes-goals.io/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

98 kB
Transfer

252 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ar.hes-goals.io/ HTTP 307
https://ar.hes-goals.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://ar.hes-goals.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

12 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ar.hes-goals.io/
Redirect Chain

http://ar.hes-goals.io/
https://ar.hes-goals.io/

41 KB
23 KB

229ms
200ms

Document
text/html

104.21.16.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar.hes-goals.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.16.40 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60b82308f9a6269c53e7a5e515caee48c2f4bed4aa1987caca500bbc5746e53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8c7c4e9b0e55973f-FRA
content-encoding: br
content-security-policy: frame-ancestors 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
content-type: text/html
date: Mon, 23 Sep 2024 17:38:12 GMT
last-modified: Thu, 06 Jun 2024 16:31:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lFTJ8U%2FQaR4RG0mtypLiSxMWoFAv6t4ROB%2Ba0%2BYcBqQbYKLf%2F6bkl%2Bg%2B8SsJNf28PI0WXeBLzWBHkXnS3lRKXHRkR4jnvppz0RVESHz12FDg%2FQ0HHEJReD6inzLYbW%2FD7c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ar.hes-goals.io/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 speculation
ar.hes-goals.io/cdn-cgi/ 128 B
536 B 16ms
15ms Other
application/speculationrules+json 104.21.16.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.hes-goals.io/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ar.hes-goals.io
Referer: https://ar.hes-goals.io/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ua9n%2BEVAHrDWuZ0vMqXd08xxZYSd1BeRmFuOIGe3zMH94bkKi1wI8AHAvDtLlHGD2WtcbfQoaibZegkOkchXwkz5YS28VATFVvjKdE4nyIKqQvvXchXGyJTVvakKBXbBxSk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7c4e9c68ac973f-FRA
access-control-allow-origin: https://ar.hes-goals.io
content-length: 128
date: Mon, 23 Sep 2024 17:38:12 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 richads-pu-ob.js Show response
richinfo.co/richpartners/pops/js/ 61 KB
23 KB 69ms
15ms Script
application/x-javascript 109.200.199.110
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Requested by: Host: ar.hes-goals.io
URL: https://ar.hes-goals.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.200.199.110 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 585df346ecf1ce4f159275267f798cd3fbe7fbb13815b0e4ea7e3dfeae721e84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

x-amz-id-2: 2jOyMJbeJ4AS8ImFpfxjjUw/zKLuvwUw9+BGjIDai3NnHwCSw7p3+Agr64+SwrHj72TXoh4LGFQ=
content-encoding: gzip
etag: W/"7d9651c009b6d833bbdea4f05870006d"
x-amz-request-id: 9GM8GE3MRFYBNPDN
date: Mon, 23 Sep 2024 17:38:12 GMT
content-type: application/x-javascript
last-modified: Thu, 29 Aug 2024 15:57:17 GMT
server: openresty/1.21.4.1
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c39c8d0dcda1f17ae8bca626b1872322d8ed90480596814699e3bd4a4fa290aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 940845055bdf034966722f912fa2a1aa56fdd3e64591d4745a0ee053ba4c8726

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57787303796f1e3ac797cc338df55f604885d714794887fed21d01b9fed9799e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af9c5327457622eaf9ade23e161a42e323a2aa3fadefc2b24de4da02bc280449

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b7aada9e1e5c89ef3052d1c0f0bde589361a0518474504406f3837b78ec50c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ddbe1fdf8396b6508783ebf1be8d34069e0a5e87df4df7e430ea79efde174e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f8abb76c1c27bfbc0eb9872a2ff01761f612f1ac09446ba6e7c4697bd6e245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 706 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f0df70633344700d448a55250681622efa844b9d37a8044f27f10fb8537ae09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 561bf896d48f10ffddc4a5f5e06223a60765a2db34218d80fc26c7aa914affe0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 872 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e508ba88a55e7a3cb0ec8a7730caba97725d5cf9741a243d59bae6e36d3b3863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3

200

main.js Show response
ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame A70B
Redirect Chain

https://ar.hes-goals.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

28ms
27ms

Script
application/javascript

104.21.16.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Host: ar.hes-goals.io
URL: https://ar.hes-goals.io/

Protocol

Server

104.21.16.40 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec70954d5da833768440a6fcb8d785e0ab559d6e8b87055fc83237ecde887ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rj02lP2S%2Bs3c8wgUW2cXkl5rvH6hKPOs4kMhNnjyk2X0B4yXdMrQtt1ULeS3wdKonAMNWkApSiIxkrwMp0rwCEpsQrNU%2B%2BZcrlzuBSXDsNpmzEHlbp742u1Vmxd92ThGsnY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c7c4e9cb949973f-FRA
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Sep 2024 17:38:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8AFcnNUNwSewVPhAjQcE4dW%2FrCiRc3SyCqkkuQ9wrOMdCrxJ9zmmnovC3YS%2FkcjI568%2Fil%2FKnPzqnR60fkPFLmjgtnXbBFuZUTNNfUzdkbcAD1q%2BhFkVMkyNW5QvKrFZDg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7c4e9c9905973f-FRA
access-control-allow-origin: *
content-length: 0
date: Mon, 23 Sep 2024 17:38:12 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8c7c4e9b0e55973f Show response
ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A70B 0
913 B 35ms
30ms XHR
text/plain 104.21.16.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.hes-goals.io/cdn-cgi/challenge-platform/h/g/jsd/r/8c7c4e9b0e55973f
Requested by: Host: ar.hes-goals.io
URL: https://ar.hes-goals.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgcJ3VxlgUTw9eMVdr5BQfOD1BgvXis7kF2o9B4o5qjr3smMESXT2epXXBqrNKU3Z7trdMYcGkE%2Bk%2FEir9qNwB4KX13NmS3tdKGKsCjH4O0vEqfch27lfufYVA416RbJNxs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7c4e9d3a30973f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 23 Sep 2024 17:38:12 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 pu-ob.js Show response
7ool.net/richpartners/pops/js/ 46 KB
17 KB 303ms
91ms Script
application/x-javascript 109.200.209.143
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/pu-ob.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 6d7f57be01ebc67f1e00dd55156ac0c898453ec4c1f345454558311a7df91378

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

x-amz-id-2: UU076FtElQ4tiD6CIGLiHoIfaWbRI1KBeXTDow5GrplEkusfVrqqJ9nNI1ubXKvgpqXaA48gd8qD6v+5dwACaAqPyXrf+j01
content-encoding: gzip
etag: W/"6ffabec4290a76154425808d40c0b9bc"
x-amz-request-id: 0J1SKRS4339J5QY8
date: Mon, 23 Sep 2024 17:38:12 GMT
content-type: application/x-javascript
last-modified: Thu, 29 Aug 2024 15:57:17 GMT
server: openresty/1.21.4.1
x-amz-server-side-encryption: AES256

GET
H2 200 fp.js Show response
7ool.net/richpartners/pops/js/ 30 KB
11 KB 93ms
93ms Script
application/x-javascript 109.200.209.143
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/fp.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 8c6f5f092a4b4ab3a3d709a1e4ab59581c69cc6ab2de919f8d526edeb738d9a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

x-amz-id-2: n1mx7ZHTikckMOfp5gChTo3bob6G4Yuwt0UM85ubATtYhOsAWyu1FWIJsbYKFztsh3PKYc8Lz6s=
content-encoding: gzip
etag: W/"9a03b4f00a9a0e2e99f616cf76a3ec12"
x-amz-request-id: SYJ1PE57ZP8FA3XC
date: Mon, 23 Sep 2024 17:38:13 GMT
content-type: application/x-javascript
last-modified: Thu, 29 Aug 2024 15:57:17 GMT
server: openresty/1.21.4.1
x-amz-server-side-encryption: AES256

GET
H2 200 info Show response
us.convers.link/users/ 242 B
316 B 368ms
91ms Script
application/json 2a00:1d26:c771::11
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://us.convers.link/users/info?callback=userinfo_rp_pu
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:1d26:c771::11 Newark, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 7bb79c5a9b722d2a5c4c08562928514b2334e6b4dca61c676bd3e3713631f00c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

content-encoding: gzip
date: Mon, 23 Sep 2024 17:38:13 GMT
content-type: application/json;charset=UTF-8
server: openresty/1.21.4.1

GET
H2 200 md5.js Show response
7ool.net/richpartners/pops/js/ 47 KB
17 KB 96ms
96ms Script
application/x-javascript 109.200.209.143
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ool.net/richpartners/pops/js/md5.js
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

x-amz-id-2: GA01Xlw1wT8YJT/VVHX0OMTDtD22aRrqSW4eHLkFDtU9H91XaB9wEwSa9FX+mxc6j7ZW//W9dpQ=
content-encoding: gzip
etag: W/"957f14b329cbf0159c40d4d8a5620041"
x-amz-request-id: F5Z2D8TVEQ455Y6Q
date: Mon, 23 Sep 2024 17:38:13 GMT
content-type: application/x-javascript
last-modified: Thu, 29 Aug 2024 15:57:17 GMT
server: openresty/1.21.4.1
x-amz-server-side-encryption: AES256

GET
H2 200 b7c8d38522c8754dd5640ca0945dbba2.json Show response
cdn.adx1.com/publisher-config/ 281 B
446 B 595ms
466ms Fetch
application/octet-stream 2a01:9580:4771::12
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adx1.com/publisher-config/b7c8d38522c8754dd5640ca0945dbba2.json
Requested by: Host: richinfo.co
URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:9580:4771::12 Settimo Milanese, Italy, ASN49544 (I3DNET, NL),
Reverse DNS
Software: /
Resource Hash: 3f8f7eb991dd5b1c3b16808c5bd500b049e9513b5c863cc7a21e8b2dd34c991d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://ar.hes-goals.io/

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ar.hes-goals.io
content-length: 281
etag: "9c5b002877486e4ac577c5da09af8a46"
content-type: application/octet-stream
access-control-allow-credentials: true

GET
H3 404 favicon.ico
ar.hes-goals.io/ 552 B
577 B 152ms
151ms Other
text/html 104.21.16.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.hes-goals.io/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFurlN8N8IQQm5NPlYX0M911FV9faN93uDalyx%2F8jLMswqk61%2BzWmC%2BmD6MlMqXFMKkTnq%2BT%2BeqOKiV%2BQZI4QGrHQNRNJhXtDI8Rc62t6iwA5G3rD%2BAiwcvbx16CEb%2FUN8c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c7c4ea36b03973f-FRA
date: Mon, 23 Sep 2024 17:38:13 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 204 / Show response
8961.xml.4armn.com/ 0
77 B 373ms
316ms XHR
text/plain 5.200.15.242
I3DNET

General

Check archive.org

Show headers Download Go to

Full URL: https://8961.xml.4armn.com/?ip=2a02:6ea0:c71b:0:1012:f85e:50dc:c364&country=DEU&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/129.0.0.0%20Safari/537.36&pubid=927389&siteid=347213&domain=ar.hes-goals.io&user_id=24700f9f1986800ab4fcc880530dd0ed&lang=de-DE&source=1
Requested by: Host: 7ool.net
URL: https://7ool.net/richpartners/pops/js/pu-ob.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.200.15.242 Rotterdam, Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://ar.hes-goals.io/

Response headers

access-control-allow-origin: https://ar.hes-goals.io
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hes-goals.io/	1970-01-21 08:30:49	Name: cf_clearance Value: Bd3TpRQyYi0eETaWjeAZR8yzmEi.G3HUg8DHjxW0iMY-1727113092-1.2.1.1-2nRkjERppcI.h_nPCXaL6mqGPl3UBRqP4bk.I_SuYZNMqPT7lMyP5rlw3F5BwIDWWZe1YKcl4tWiid2cfr75Chabu3k5A_R2i2bEII.yiYUhABBXvwuFICKDTtXHvbwDUndYsnemmXxni2Dc1A8yQNU1KJq5HhrIdYIYbTqsrWgeXHh9wAEo3FStGA6KZPT6JypOnyuJ96.ciu4l5ctXaq9KS.ecdfpEBTElxhkA_SHoX4cEy14GFhkkJo5vFdNq8nsA5PQQg8RGn0wN5oGYggQsUS.5YeDnE9iJtxHtpHZkzfK_9Ae9wAT6zFjeBhy.GA0gwbqYvv67zpXWttTjg7rSGFjn_.kr_LeQ.rQUpFO5.aR1UpO5ZwgkiJG7G7NA
ar.hes-goals.io/	1970-01-20 23:46:39	Name: RP_ADVERTISER_POP_LIMIT Value: 4
ar.hes-goals.io/	1970-01-20 23:46:39	Name: RP_ADVERTISER_POP_INTERVAL_IN_SECONDS Value: 60
ar.hes-goals.io/	1970-01-20 23:46:39	Name: RP_ADVERTISER_POP_DELAY_IN_SECONDS Value: 15
ar.hes-goals.io/	1970-01-20 23:46:39	Name: RP_ADVERTISER_POP_RESET_LIMIT Value: false
ar.hes-goals.io/	1970-01-20 23:46:39	Name: RP_ADVERTISER_POP_TYPE Value: POP_UP

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://ar.hes-goals.io/(Line 93) Message: Error: <svg> attribute width: Expected length, "auto".
network	error	URL: https://ar.hes-goals.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM 9goals.live drama-tv.live live.golato.io king-shoot.live koora-lives.io kora-live-tv.io live-yalla.io yacine-app.com yacine-tv.io yalla-kora.tv yalla-lives.net yalla-lives.tv v.shoot-yalla.pro yalla-shoote.tv kora.yalla-shoots.tv top.yalla-games.net yalla-shoot-tv.vip
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ool.net
8961.xml.4armn.com
ar.hes-goals.io
cdn.adx1.com
richinfo.co
us.convers.link
104.21.16.40
109.200.199.110
109.200.209.143
2a00:1d26:c771::11
2a01:9580:4771::12
5.200.15.242
0b7aada9e1e5c89ef3052d1c0f0bde589361a0518474504406f3837b78ec50c2
0ddbe1fdf8396b6508783ebf1be8d34069e0a5e87df4df7e430ea79efde174e3
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
3f0df70633344700d448a55250681622efa844b9d37a8044f27f10fb8537ae09
3f8f7eb991dd5b1c3b16808c5bd500b049e9513b5c863cc7a21e8b2dd34c991d
561bf896d48f10ffddc4a5f5e06223a60765a2db34218d80fc26c7aa914affe0
57787303796f1e3ac797cc338df55f604885d714794887fed21d01b9fed9799e
585df346ecf1ce4f159275267f798cd3fbe7fbb13815b0e4ea7e3dfeae721e84
6d7f57be01ebc67f1e00dd55156ac0c898453ec4c1f345454558311a7df91378
7bb79c5a9b722d2a5c4c08562928514b2334e6b4dca61c676bd3e3713631f00c
8c6f5f092a4b4ab3a3d709a1e4ab59581c69cc6ab2de919f8d526edeb738d9a8
940845055bdf034966722f912fa2a1aa56fdd3e64591d4745a0ee053ba4c8726
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
af9c5327457622eaf9ade23e161a42e323a2aa3fadefc2b24de4da02bc280449
c39c8d0dcda1f17ae8bca626b1872322d8ed90480596814699e3bd4a4fa290aa
ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5
e2f8abb76c1c27bfbc0eb9872a2ff01761f612f1ac09446ba6e7c4697bd6e245
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e508ba88a55e7a3cb0ec8a7730caba97725d5cf9741a243d59bae6e36d3b3863
e60b82308f9a6269c53e7a5e515caee48c2f4bed4aa1987caca500bbc5746e53
ec70954d5da833768440a6fcb8d785e0ab559d6e8b87055fc83237ecde887ff2

ar.hes-goals.io Open in urlscan Pro 104.21.16.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

7 IPs

4 Countries

98 kBTransfer

252 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

ar.hes-goals.io Open in urlscan Pro
104.21.16.40 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

98 kB
Transfer

252 kB
Size

6
Cookies

12 HTTP transactions
10 data transactions