heroesneverlose.com Open in urlscan Pro
23.226.8.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heroesneverlose.com/
Submission: On August 05 via manual (August 5th 2022, 1:04:53 am UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 21 domains to perform 159 HTTP transactions. The main IP is 23.226.8.98, located in Hong Kong and belongs to UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK. The main domain is heroesneverlose.com.

This is the only time heroesneverlose.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Target (Retail)

Domain & IP information

	IP Address	AS Autonomous System
18	23.226.8.98 23.226.8.98	23881 (UDOMAIN-A...) (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd)
3	2606:4700:303... 2606:4700:3035::6815:248e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
10	2a02:26f0:350... 2a02:26f0:3500:58e::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
43	35.215.138.177 35.215.138.177	15169 (GOOGLE) (GOOGLE)
16	151.101.66.180 151.101.66.180	54113 (FASTLY) (FASTLY)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1 2	52.205.53.141 52.205.53.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:585::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	213.254.244.105 213.254.244.105	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
5	188.114.96.12 188.114.96.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
159	24

18 23.226.8.98 (Hong Kong)

ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK)

heroesneverlose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:248e (United States)

ASN13335 (CLOUDFLARENET, US)

bd51static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:58e::9b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

target.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 35.215.138.177 (Central, Hong Kong)

ASN15169 (GOOGLE, US)
PTR: 177.138.215.35.bc.googleusercontent.com

www.168xykai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.66.180 (United States)

ASN54113 (FASTLY, US)

api.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.targetimg1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
taglocker.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gsp.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

staging-ps.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.53.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-53-141.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.254.244.105 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api.api68.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	168xykai.com www.168xykai.com	786 KB
18	heroesneverlose.com heroesneverlose.com	1 MB
14	googlesyndication.com 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 124	243 KB
10	targetimg1.com assets.targetimg1.com — Cisco Umbrella Rank: 10846 Failed	422 KB
10	scene7.com target.scene7.com — Cisco Umbrella Rank: 4394	301 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 475 tps.doubleverify.com — Cisco Umbrella Rank: 487 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10313	220 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222	144 KB
6	target.com api.target.com — Cisco Umbrella Rank: 7392 redsky.target.com Failed redoak.target.com Failed typeahead.target.com Failed taglocker.target.com — Cisco Umbrella Rank: 15067 gsp.target.com — Cisco Umbrella Rank: 10840 Failed	2 KB
5	api68.com api.api68.com — Cisco Umbrella Rank: 601264	6 KB
5	51.la sdk.51.la — Cisco Umbrella Rank: 56638 collect-v6.51.la — Cisco Umbrella Rank: 56553	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	115 KB
3	bd51static.com bd51static.com	4 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 3114	687 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 401	806 B
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1330	578 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	ispot.tv staging-ps.ispot.tv — Cisco Umbrella Rank: 260835	430 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 592	33 KB
0	rlcdn.com Failed api.rlcdn.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
159	21

	Domain	Requested by
43	www.168xykai.com	heroesneverlose.com www.168xykai.com
18	heroesneverlose.com	heroesneverlose.com
10	assets.targetimg1.com	heroesneverlose.com
10	target.scene7.com	heroesneverlose.com
7	tpc.googlesyndication.com	5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com heroesneverlose.com 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
5	api.api68.com	www.168xykai.com
4	pagead2.googlesyndication.com	heroesneverlose.com tpc.googlesyndication.com
4	cdn.doubleverify.com	5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com heroesneverlose.com
4	collect-v6.51.la	heroesneverlose.com
3	5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	gsp.target.com	heroesneverlose.com
3	www.googletagservices.com	heroesneverlose.com 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
3	bd51static.com	heroesneverlose.com
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	tps.doubleverify.com	cdn.doubleverify.com
2	idx.liadm.com	1 redirects heroesneverlose.com
2	gum.criteo.com	1 redirects heroesneverlose.com
2	taglocker.target.com	heroesneverlose.com
1	www.google.com	tpc.googlesyndication.com
1	as-sec.casalemedia.com	heroesneverlose.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	staging-ps.ispot.tv	heroesneverlose.com
1	js-sec.indexww.com	heroesneverlose.com
1	api.target.com	heroesneverlose.com
1	sdk.51.la	heroesneverlose.com
0	api.rlcdn.com Failed	heroesneverlose.com
0	match.adsrvr.org Failed	heroesneverlose.com
0	typeahead.target.com Failed	heroesneverlose.com
0	redoak.target.com Failed	heroesneverlose.com
0	redsky.target.com Failed	heroesneverlose.com
159	32

This site contains links to these domains. Also see Links.

Domain
weeklyad.target.com
www.target.com
www.cvs.com
corporate.target.com
help.target.com
roundel.com
www.bullseyeshop.com
investors.target.com
partners.target.com
plus.target.com
contactus.target.com
security.target.com
www.pinterest.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.tiktok.com
814146.com
es-csqz.com
disizm.com
gracemanpeter.com
birthl.com
huawenes.com
shangmsh.com
yangletou.com
trip92.com
bebsns.com
palmbeachstylist.com
azz1664blanc.com
dsn151.com

Subject Issuer	Validity	Valid
*.scene7.com DigiCert SHA2 Secure Server CA	`2022-01-23` - `2023-01-24`	a year	crt.sh
www.168xykai.com R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
opus.target.com GlobalSign Atlas R3 OV TLS CA 2022 Q2	`2022-05-18` - `2023-06-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.ispot.tv R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://heroesneverlose.com/
Frame ID: 7B7A45A22FCAA575E3F44045338E59A9
Requests: 82 HTTP requests in this frame

Frame: https://www.168xykai.com/webapp/html/aozxy5/index.html
Frame ID: 4669A3A616AAD338DCCA3C3D6836A7B9
Requests: 28 HTTP requests in this frame

Frame: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 286E85D289043B998FF6C264E8850754
Requests: 1 HTTP requests in this frame

Frame: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E5F63392723472705B893218E512D29
Requests: 7 HTTP requests in this frame

Frame: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8588171DDC8D78A83BE839C91D42048
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2957.js
Frame ID: 2D3D4770804F589E812D5728E0F0AA0C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2957.js
Frame ID: 485A1AE3366F9DB1DAC1C3D38EDBC1F3
Requests: 3 HTTP requests in this frame

Frame: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
Frame ID: 019E39A3CF451F7F36D69CF6C46EB9C8
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6DD1D61EE8973E11E2CE8CDAE5FA85E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D47805BF2A05390137F652C7E21D5871
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澳洲幸运5|澳洲五查询|澳洲5记录|澳洲幸运官网开奖|Target : Expect More. Pay Less.

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

70 %
HTTPS

48 %
IPv6

21
Domains

32
Subdomains

24
IPs

7
Countries

3399 kB
Transfer

9908 kB
Size

17
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://weeklyad.target.com/
Title: Weekly Ad

Search URL Search Domain Scan URL

URL: https://www.target.com/yr/crush?lnk=acct_nav_crush
Title: Favorites

Search URL Search Domain Scan URL

URL: https://www.target.com/account/orders
Title: Orders

Search URL Search Domain Scan URL

URL: https://www.target.com/yr/crush
Title: Favorites

Search URL Search Domain Scan URL

URL: https://www.cvs.com/immunizations/covid-19-vaccine
Title: COVID-19 vaccines now available Make an appointment for your free vaccine through CVS Pharmacy® at Target. No cost with insurance or through a federal program for the uninsured.

Search URL Search Domain Scan URL

URL: https://corporate.target.com/corporate-responsibility/sustainability-strategy
Title: Target ForwardLet’s move toward a more equitable & regenerative future together. Explore our sustainability strategy.

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/purpose-history/our-commitments
Title: Our commitmentsLearn more about our commitments to ethics, human rights & more across our business.

Search URL Search Domain Scan URL

URL: https://www.target.com/c/target-privacy-policy/-/N-4sr7p
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=Current+promotions&parentcat=Promotions+%26+Coupons&searchQuery=search+help
Title: *See offer details. Restrictions apply. Pricing, promotions and availability may vary by location and at Target.com

Search URL Search Domain Scan URL

URL: https://corporate.target.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://corporate.target.com/#?lnk=fnav_t_spc_1_7
Title: News & Blog

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/products-services/Target-Brands
Title: Target Brands

Search URL Search Domain Scan URL

URL: https://roundel.com/?utm_source=Referral&utm_medium=Targetwebsite&utm_campaign=advertisewithus
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.bullseyeshop.com/
Title: Bullseye Shop

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/purpose-history/our-commitments/target-coronavirus-hub
Title: Target's Coronavirus Response

Search URL Search Domain Scan URL

URL: https://corporate.target.com/corporate-responsibility
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: https://corporate.target.com/press
Title: Pressroom

Search URL Search Domain Scan URL

URL: https://investors.target.com/investors?c=65828&p=irol-IRHome
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://partners.target.com/
Title: Affiliates & Partners

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/products-services/suppliers#?lnk=fnav_t_spc_1_16
Title: Suppliers

Search URL Search Domain Scan URL

URL: https://plus.target.com/
Title: TargetPlus

Search URL Search Domain Scan URL

URL: https://help.target.com/help
Title: Target Help

Search URL Search Domain Scan URL

URL: https://help.target.com/help/productrecallpage?childcat=Product+recalls&parentcat=news+%26+safety&searchQuery=search+help
Title: Recalls

Search URL Search Domain Scan URL

URL: https://contactus.target.com/ContactUs?Con=ContactUs&searchQuery=search+help
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?parentcat=Compliance&childcat=Accessibility&lnk=fnav_t_spc_1_21
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://security.target.com/
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=Size+charts&parentcat=Product+Support+%26+Services&searchQuery=search+help
Title: Size Charts

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/target

Search URL Search Domain Scan URL

URL: https://www.facebook.com/target

Search URL Search Domain Scan URL

URL: https://www.instagram.com/target

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Target

Search URL Search Domain Scan URL

URL: https://www.youtube.com/target

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@target

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=CA+Transparency+in+Supply+Chains+Act&parentcat=Compliance
Title: CA Supply Chain

Search URL Search Domain Scan URL

URL: http://help.target.com/help/productrecallpage?childcat=Product+recalls&parentcat=news+%26+safety&searchQuery=search+help
Title: Recalls

Search URL Search Domain Scan URL

URL: http://814146.com/
Title: 168极速赛车官方网站

Search URL Search Domain Scan URL

URL: http://es-csqz.com/
Title: 幸运飞飞艇官网开奖网址

Search URL Search Domain Scan URL

URL: http://disizm.com/
Title: 168极速赛车在线开奖官方网站

Search URL Search Domain Scan URL

URL: http://gracemanpeter.com/
Title: 澳洲幸运8开奖直播结

Search URL Search Domain Scan URL

URL: http://birthl.com/
Title: 澳洲5历史开奖记录官方网app

Search URL Search Domain Scan URL

URL: http://huawenes.com/
Title: 幸运飞艇168官方开奖网

Search URL Search Domain Scan URL

URL: http://shangmsh.com/
Title: 澳洲幸运8历史查询

Search URL Search Domain Scan URL

URL: http://yangletou.com/
Title: 一分钟极速赛车官网

Search URL Search Domain Scan URL

URL: http://trip92.com/
Title: 幸运飞艇开奖历史号码

Search URL Search Domain Scan URL

URL: http://bebsns.com/
Title: 极速赛车开奖历史记录

Search URL Search Domain Scan URL

URL: http://palmbeachstylist.com/
Title: 澳洲幸运10

Search URL Search Domain Scan URL

URL: http://azz1664blanc.com/
Title: 澳洲幸运5分彩开奖记录

Search URL Search Domain Scan URL

URL: https://dsn151.com/
Title: 彩票官网

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://gum.criteo.com/sync?c=347&r=3&a=1 HTTP 302
https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

Request Chain 90

http://idx.liadm.com/idex/ie/any HTTP 308
https://idx.liadm.com/idex/ie/any

159 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
heroesneverlose.com/ 383 KB
75 KB 664ms
201ms Document
text/html 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: a9dd42bf071ee7b8446dc6ec88643c23bdf86f75aa1bef96cd40c0cb9fa04ff0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 05 Aug 2022 01:04:45 GMT
ETag: W/"61d94a6c-5fdc5"
Last-Modified: Sat, 08 Jan 2022 08:25:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK ssx.mod0df9.js Show response
heroesneverlose.com/images/ 979 B
1 KB 1274ms
199ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/ssx.mod0df9.js?async
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 046792693897976abb56b2c35ff75cb9d23967689c13490f197c7283280d00d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Last-Modified: Fri, 07 Jan 2022 10:47:04 GMT
Server: nginx
ETag: "61d81a28-3d3"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK web.4aadc855.js Show response
heroesneverlose.com/images/ 167 KB
52 KB 386ms
194ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/web.4aadc855.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 1a0a0635fb1e006c86a6829a8819d9f16c5d092bed071dd1b1936dc93ded8b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:18 GMT
Server: nginx
ETag: W/"61b7efae-29ac5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK nicollet.0cbdb86d.js Show response
heroesneverlose.com/images/ 174 KB
51 KB 428ms
230ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/nicollet.0cbdb86d.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 39132c14b5a679cded4d3716ce574c2fd7f7dfe195567b667f6a7ca8e09d7f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:18 GMT
Server: nginx
ETag: W/"61b7efae-2b82c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK vendor.c5fc56c9.js Show response
heroesneverlose.com/images/ 855 KB
302 KB 407ms
208ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendor.c5fc56c9.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 478d0bbd46898117c0c6c969a2b02f15892f485fdf1189e615596593231b6523

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:19 GMT
Server: nginx
ETag: W/"61b7efaf-d5ce5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK client.b33bca79.js Show response
heroesneverlose.com/images/ 1 MB
428 KB 435ms
237ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/client.b33bca79.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 90f756d8c92a5128c97bd2f9529d12aa9a389114a0a9f46440ac2ba052483626

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jan 2022 20:45:13 GMT
Server: nginx
ETag: W/"61d36059-171461"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK default_axiom_axiom-advanced-returns_axiom-batch_brands_gift-card_gift-card-balance_home_order-track_cf849c24.98d69e40.js Show response
heroesneverlose.com/images/ 52 KB
11 KB 471ms
270ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_axiom_axiom-advanced-returns_axiom-batch_brands_gift-card_gift-card-balance_home_order-track_cf849c24.98d69e40.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: e79c6e8abe5bbf62f7bdb994e8ce35dac5fa4970f8201a4b3695cb7083cffb88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:14 GMT
Server: nginx
ETag: W/"61b7efaa-cf71"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK home.6dadbe60.js Show response
heroesneverlose.com/images/ 17 KB
6 KB 576ms
194ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/home.6dadbe60.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 54c871fcad054977c3ae7fa603a999d734dd3260d04cdbc2b997366e5c9a9410

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:15 GMT
Server: nginx
ETag: W/"61b7efab-4575"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_bia-carousel_brands_cart-routing-page_choose-options-content_choos_8ac81c83.11550f16.js Show response
heroesneverlose.com/images/ 17 KB
4 KB 673ms
199ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_bia-carousel_brands_cart-routing-page_choose-options-content_choos_8ac81c83.11550f16.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 01a93dfbac49ab4011cc775caeaacb982c7c4d99fd58881a5ca39e5f3666c5cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-4589"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_beautyarcontainer_bia-carousel_bundle-filmstrip-exp-2367_cart-rout_f770c74d.003e5fd6.js Show response
heroesneverlose.com/images/ 38 KB
13 KB 772ms
194ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_beautyarcontainer_bia-carousel_bundle-filmstrip-exp-2367_cart-rout_f770c74d.003e5fd6.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 809620cef78af3e67e7f6c3deb2919aa90d07347178bae77791a723624981ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-9639"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_bia-carousel_choose-options-content_content_custom-plp_deal-detail_51e04b4a.e233ea5c.js Show response
heroesneverlose.com/images/ 10 KB
3 KB 873ms
199ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_bia-carousel_choose-options-content_content_custom-plp_deal-detail_51e04b4a.e233ea5c.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 69306c3dd976f4d8e0c29cbddd3c9ca2264ed87e829001dcd2628d4e1a030786

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-28ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK vendors_ar-filmstrip_bulk-box_content_delivery-hub-search-modal_exp-1705_lazy-recs-component_order-l_1a340b4b.1723a01c.js Show response
heroesneverlose.com/images/ 20 KB
6 KB 960ms
192ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_ar-filmstrip_bulk-box_content_delivery-hub-search-modal_exp-1705_lazy-recs-component_order-l_1a340b4b.1723a01c.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 733daa7484751548c4eec2749ef727cf72da020952bd868f6b7c78fb7564be88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 19:47:26 GMT
Server: nginx
ETag: W/"6114294e-50e4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK content.f787458e.js Show response
heroesneverlose.com/images/ 417 KB
120 KB 969ms
196ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/content.f787458e.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: ddbbac1ac090468fa41ce9b50b5c4bd86435866bd7cc1a0ead560ca55733e56f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 18:32:53 GMT
Server: nginx
ETag: W/"61bb8655-685fa"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK default_ar-filmstrip_bulk-box_exp-1705_lazy-recs-component_recently-viewed_sapphire-2527-personalize_46dcc199.f96801dc.js Show response
heroesneverlose.com/images/ 22 KB
8 KB 1018ms
198ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_ar-filmstrip_bulk-box_exp-1705_lazy-recs-component_recently-viewed_sapphire-2527-personalize_46dcc199.f96801dc.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: afe7c81e459667fb7addee71da365e8941bfa065e63438018d861351cfc0d33d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 18:03:43 GMT
Server: nginx
ETag: W/"618eac7f-57d2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK default_sapphire-2527-personalized-ugc-home_sapphire-2528-personalized-ugc-category_ugc-content.30e5b312.js Show response
heroesneverlose.com/images/ 15 KB
5 KB 1072ms
199ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_sapphire-2527-personalized-ugc-home_sapphire-2528-personalized-ugc-category_ugc-content.30e5b312.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0a81ea919d1a25e409516fd6518af325fde9d7718e6dc84c38fb696c607ef0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Dec 2021 01:46:56 GMT
Server: nginx
ETag: W/"61a97710-3b52"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK ugc-content.d57b9380.js Show response
heroesneverlose.com/images/ 57 KB
17 KB 1153ms
193ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/ugc-content.d57b9380.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb440bbe7f4688873a86d4b9c1dc1db13cc57210b365b269a38febbc8510ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:16 GMT
Server: nginx
ETag: W/"61b7efac-e3c8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK 2er.js Show response
bd51static.com/ 1 KB
1 KB 39ms
17ms Script
application/javascript 2606:4700:3035::6815:248e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/2er.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:248e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3c6f6caa770ec53b05be3f22fe90bbe8f46545e2e554b1815b41658b491412

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 28052
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:57:28 GMT
Server: cloudflare
ETag: W/"61baff78-456"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLqU1aHUZmBaUIFhi7HOYKuntu%2FPa85G6K%2BxkEjejVX7%2BgzPrHRglg%2Fqy3jGnMB%2F8BLZROIoDzLk5XEJNfCaU3M9XNA36iuYbB%2BvF%2B2MANCv0U3XtzDNb0MUXoRo9GgXwsufmfVnfJ2TQhDlhA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 735b9ede8833bb91-FRA
Expires: Fri, 05 Aug 2022 05:17:13 GMT

GET
H/1.1 200
OK 0zq.js Show response
bd51static.com/ 554 B
1 KB 38ms
17ms Script
application/javascript 2606:4700:3035::6815:248e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/0zq.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:248e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e282ece85fdead2331e1d46c6ae38d8c3a82efa65496425b75de473ff1ae310

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2290
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:54:31 GMT
Server: cloudflare
ETag: W/"61bafec7-22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4l8Yc2nv1ZxK843nZ5xHO9D%2Bkq7jHcPFY8WBvuDD8hxvs1B1gKQjat917Y58L3S2hQZQ%2F6388hhWS%2Bkfx1A7uM8UQBY8hxBfNcweE5ov8baWCH4WvIl21KMIpm%2B1Lu4NvSqZQG3%2BKZkFzJkNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 735b9ede8e0f9bbe-FRA
Expires: Fri, 05 Aug 2022 12:26:34 GMT

GET
H/1.1 200
OK 000zq.js Show response
bd51static.com/ 554 B
1 KB 37ms
15ms Script
application/javascript 2606:4700:3035::6815:248e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/000zq.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:248e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7c94d6bc1fa1836b7656846998a9924de3741de5c9980fc08087a28020915c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 30037
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:56:35 GMT
Server: cloudflare
ETag: W/"61baff43-22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BS04vU9Gh2%2Bpnh%2BcrzynvbwcqAZTV8PaqWuJTPD1v0mjmtX7GTc60liSaOFH5RGGIacC26f2A94mIRwsTdPgQp66OspwtPktC6GjJPxObD1SvHWi99xWgZMO6JVeQJL7ozdSxAA9qKcj1Nrhw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 735b9ede8abf5b32-FRA
Expires: Fri, 05 Aug 2022 04:44:08 GMT

GET
H/1.1 200
OK main.js Show response
heroesneverlose.com/ 1 KB
908 B 1218ms
199ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/main.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: c939f66194c0917a84cf4bc054dd45a575f9b7b219b4127fe3915681c8bfd81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Apr 2022 03:56:40 GMT
Server: nginx
ETag: W/"626cb378-485"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Aug 2022 13:04:46 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 204ms
99ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Server: openresty
ETag: W/"62d0e7a4-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 Wellness_Grid_Desktop-211209-1639077974803
target.scene7.com/is/image/Target/ 164 KB
164 KB 250ms
186ms Image
image/jpeg 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_Grid_Desktop-211209-1639077974803?wid=2160&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

01f555cd17b43727b8cc4cd18dedd0e733f66e5dddee1a28b002f6cf694e8836

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Thu, 09 Dec 2021 19:26:18 GMT
server: Unknown
etag: "43542a7f07fc0406649f7f1d7f144cb5"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 167522
expires: Fri, 05 Aug 2022 11:04:47 GMT

GET
H2 200 Wellness_SB_AIM_Djpgcopy_T-211222-1640196459617
target.scene7.com/is/image/Target/ 20 KB
20 KB 176ms
112ms Image
image/jpeg 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_AIM_Djpgcopy_T-211222-1640196459617?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

d2d6d7749d15f49caeb37cfc4170ce1d61e823627a36e7f349defd2429089646

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 22 Dec 2021 18:07:42 GMT
server: Unknown
etag: "cb744562c6ea8715497b5ac6a367f87c"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 20563
expires: Fri, 05 Aug 2022 11:04:47 GMT

GET
H2 200 Wellness_SB_AIM_Djpg_T-211222-1640196471023
target.scene7.com/is/image/Target/ 20 KB
20 KB 252ms
189ms Image
image/jpeg 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_AIM_Djpg_T-211222-1640196471023?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2dd509be95d1bc89631a970c86f557f2c482ec5c42a8c3ec815b57dbd9358bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 22 Dec 2021 18:08:00 GMT
server: Unknown
etag: "161947fee68471a29e44483156f0f8d8"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 20323
expires: Fri, 05 Aug 2022 11:04:47 GMT

GET
H2 200 Wellness_SB_Fitness_Djpg-211227-1640624407360
target.scene7.com/is/image/Target/ 16 KB
16 KB 178ms
115ms Image
image/jpeg 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_Fitness_Djpg-211227-1640624407360?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

0cf298905a6876b2243e3e4c09127a089c1728d910bf171ac8bf1c5d4b954df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 27 Dec 2021 17:00:10 GMT
server: Unknown
etag: "c14c736fe1a6949b034dabe8684e83f0"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 16090
expires: Fri, 05 Aug 2022 11:04:47 GMT

GET
H2 200 Wellness_SB_Nutrition_Djpg_T-211222-1640196488253
target.scene7.com/is/image/Target/ 26 KB
26 KB 260ms
197ms Image
image/jpeg 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_Nutrition_Djpg_T-211222-1640196488253?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03b314f0ccde18fc10dee3b6359c0fd3cba040c776d9c9a2adc95b74531566d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 22 Dec 2021 18:08:15 GMT
server: Unknown
etag: "5dc4d78f7746f02c7bc3777f5eb6a551"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 26139
expires: Fri, 05 Aug 2022 11:04:47 GMT

GET
H2 200 index.html Show response
www.168xykai.com/webapp/html/aozxy5/ Frame 4669 34 KB
8 KB 601ms
190ms Document
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/aozxy5/index.html

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

84b939d80ed9f3f746372a752072f8f1f277c73e726b52c09341e42425b84b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 01:04:47 GMT
etag: W/"621587ca-891d"
last-modified: Wed, 23 Feb 2022 01:03:06 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc3b0b231b86320752165cde270fb8d7ecce1f2e40b1fb8a64965c30da33e131

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET 99ecc614-958b-457a-be15-01e00c53057A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 273cae72-9365-49ab-b24f-5d8e2d5e733A.woff
assets.targetimg1.com/ui/fonts/ 0
0

GET 99ecc614-958b-457a-be15-01e00c53057A.woff
assets.targetimg1.com/ui/fonts/ 0
0

GET 3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff
assets.targetimg1.com/ui/fonts/ 0
0

OPTIONS
H2 403 MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ Frame 0
0 683ms
395ms Preflight 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Fri, 05 Aug 2022 01:04:48 GMT
strict-transport-security: max-age=16000000; includeSubDomains;
via: HTTP/1.1 Go-Proxy (Go-Proxy/2.12.3), HTTP/1.1 haproxy (api-platform), 1.1 varnish
x-api-id: ec6e8ff0b5c04a9d00dd593537454017d0ba9ef141b11593b54cdb733bcf2f73
x-b3-sampled: 0
x-b3-spanid: ce0281cd3a1a177f
x-b3-traceid: f45c0efc5bf1f7e3a5f0435d5efece58
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19171-FRA
x-timer: S1659661488.910828,VS0,VE388

GET 99ecc614-958b-457a-be15-01e00c53057A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 52404
redsky.target.com/v3/stores/nearby/ 0
0

GET
H2 200 vendors~shipt-tip-drawer.4adba80b.js Show response
assets.targetimg1.com/ui/ 48 KB
12 KB 27ms
12ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~shipt-tip-drawer.4adba80b.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

beda50ffb37380e9bc0b802c16c12befd80cc200158460be51dea369d46f1e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:22 GMT
server: UploadServer
age: 528207
etag: "a9c9c14ff36b76c9ddb62d721e0be71c"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11689

GET
H2 200 shipt-tip-drawer.eb049671.js Show response
assets.targetimg1.com/ui/ 45 KB
12 KB 23ms
9ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/shipt-tip-drawer.eb049671.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

31b9ee97691d5c575c28a17402684407a2783e32d14b7683769046ab290c6a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:21 GMT
server: UploadServer
age: 2666961
etag: "a4aad1c7208faf9c8df34dd6249b6eb8"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12665

GET
H2 200 vendors~lazy-footer.71ad5748.js Show response
assets.targetimg1.com/ui/ 73 KB
20 KB 11ms
7ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~lazy-footer.71ad5748.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

78c32fe5f5d69190c29668c1e72dceaf733f582165a1e89f58ff7d66108862ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:23 GMT
server: UploadServer
age: 836567
etag: "97d8d34d4bc250692e56c97280c4c6c9"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20094

GET
H2 200 lazy-footer.e1809ae3.js Show response
assets.targetimg1.com/ui/ 842 B
695 B 10ms
7ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/lazy-footer.e1809ae3.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a6dd77ecea1a7beda91ec84889673721d83a12a946879fc4c4cba442ab2ecf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 17:28:32 GMT
server: UploadServer
age: 2585216
etag: "3aec0ddbe604ae22b5050cf4a9184da5"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 476

GET
H2 200 crush-redirect-handler.f40ba832.js Show response
assets.targetimg1.com/ui/ 3 KB
1 KB 11ms
10ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/crush-redirect-handler.f40ba832.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

91ace93a65853b38d31565f87bc6c7cb45a675f938b771fc72bdb05804968c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Wed, 08 Dec 2021 23:01:45 GMT
server: UploadServer
age: 676238
etag: "a189653da55c87300ea703c71e2378aa"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1418

GET
H/1.1 200
OK 189336-210459012582455.js Show response
js-sec.indexww.com/ht/p/ 109 KB
33 KB 36ms
7ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/189336-210459012582455.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1658f2df4d6ecec829a89fd58160c8c607b0be2b041799df9c06e11fffa7014b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Aug 2022 00:11:53 GMT
Server: Apache
ETag: "da3241-1b206-5e5735032cb08"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=589
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 33120
Expires: Fri, 05 Aug 2022 01:14:36 GMT

GET MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ 0
0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/vendor.c5fc56c9.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1294 / 731 of 1000 / last-modified: 1659651030"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 28612
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Fri, 05 Aug 2022 01:04:47 GMT

GET
H2 200 atdfm.72dbf2eb.js Show response
assets.targetimg1.com/ui/ 25 KB
12 KB 9ms
9ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/atdfm.72dbf2eb.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b172da75fa18117aa61bec83dda67860e78a53340456a940eaf3167c0a205a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: br
last-modified: Thu, 18 Nov 2021 22:14:54 GMT
server: UploadServer
age: 1159020
etag: "4c13ec0dcb47b5b7f909ede46849f2c6"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11932

GET v1
redoak.target.com/content-publish/pages/ 0
0

GET v2
typeahead.target.com/autocomplete/TypeAheadSearch/ 0
0

GET
H2 200 tp-rules-react.json Show response
taglocker.target.com/tag-locker-config/ 105 B
378 B 23ms
7ms Fetch
application/json 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://taglocker.target.com/tag-locker-config/tp-rules-react.json
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.180 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 16e939f8b7ed5985fd8f6ce1937f481917afc14c52ee75c1546213e52f510a78

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1620226525
age: 2410
x-guploader-uploadid: ADPycdsAOWfWOqVQ1gzG6EcBF1uK8oxrS9FUbjklgzDm2yvWuJcJiJPrQquq596VuUPvzMnHLfwcRuYCeHQf7U4p-d9x5jVM6NrT
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 106
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
last-modified: Wed, 05 May 2021 14:55:30 GMT
server: UploadServer
x-timer: S1659661488.682775,VS0,VE0
etag: "451e7f9a4a8d7585a743e0abff41795b"
clientip: 178.162.209.134
vary: Accept-Encoding,Origin
x-goog-hash: crc32c=oRvWIQ==, md5=RR5/mkqNdYWnQ+Cr/0F5Ww==
x-goog-generation: 1620226530739747
access-control-allow-origin: http://heroesneverlose.com
expires: Tue, 02 Aug 2022 00:57:43 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 105
accept-ranges: bytes
content-type: application/json
x-cache-hits: 14

GET
H2 200 rules-react.json Show response
taglocker.target.com/tag-locker-config/ 5 KB
1 KB 22ms
6ms Fetch
application/json 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://taglocker.target.com/tag-locker-config/rules-react.json
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.180 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c1aa9f948b6d1336bbcc6970af451432da85643c3136a7c5ebee7ddb61af9c64

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1620226525
age: 3373
x-guploader-uploadid: ADPycds7R3lH1PBNfXKoX_uFXcxRE-XMk4m1ApQh7Fhh6ryqi31navcFn9Ft5OzkopW9Qa0JjUuFGn3wCvGf8sJ6huHtrCgkMc-Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 651
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
last-modified: Wed, 05 May 2021 14:55:30 GMT
server: UploadServer
x-timer: S1659661488.682569,VS0,VE0
etag: "f6a75d588a7a84649133f69c8a1d62aa"
clientip: 178.162.209.134
vary: Accept-Encoding,Origin
x-goog-hash: crc32c=xdwMsQ==, md5=9qddWIp6hGSRM/acih1iqg==
x-goog-generation: 1620226530747805
access-control-allow-origin: http://heroesneverlose.com
expires: Tue, 14 Jun 2022 02:10:03 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 5455
accept-ranges: bytes
content-type: application/json
x-cache-hits: 17

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

https://gum.criteo.com/sync?c=347&r=3&a=1
https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

59 B
377 B

18ms
17ms

Fetch
application/json

2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7f10f3ea7a7df40b7b87f48e2cc894f78d8e3af1c5af340190cc413589420f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3930
strict-transport-security: max-age=31536000; preload;

Redirect headers

date: Fri, 05 Aug 2022 01:04:47 GMT
location: /sync?s=1&c=347&r=3&a=1
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7026
content-length: 152

GET v1
redoak.target.com/content-publish/pages/ 0
0

GET
H2 404 ssx.mod.js
assets.targetimg1.com/ssx/ 0
0 362ms
362ms Script
text/plain 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AECMFjR-AQAAhggUdc5Uq1I2H4xPHGnEHy94eOfqvC0XodhG72TWirfXhLs0&X-GyJwza5Z--z=q

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/ssx.mod0df9.js?async

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:48 GMT
age: 0
accept-ranges: bytes
clientip: 178.162.209.134
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
x-ssx-hop: 1
content-length: 0

GET
H/1.1 404
Not Found 02af86f652c55c872fd6.worker.js
heroesneverlose.com/assets/ 548 B
696 B 198ms
197ms Other
text/html 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/assets/02af86f652c55c872fd6.worker.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET 99ecc614-958b-457a-be15-01e00c53057A.woff
assets.targetimg1.com/ui/fonts/ 0
0

GET preferred_stores
api.target.com/location_fulfillment_aggregations/v1/ 0
0

POST client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ 0
0

OPTIONS
H2 403 client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ Frame 0
0 22ms
7ms Preflight 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 178.162.209.134
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Fri, 05 Aug 2022 01:04:47 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 607ms
302ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Fri, 05 Aug 2022 01:04:48 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
400 B 597ms
299ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Fri, 05 Aug 2022 01:04:48 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 602ms
310ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Fri, 05 Aug 2022 01:04:48 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 609ms
307ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Fri, 05 Aug 2022 01:04:48 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 pk10.css
www.168xykai.com/webapp/css/ Frame 4669 21 KB
4 KB 192ms
189ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/pk10.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-53fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 common.css
www.168xykai.com/webapp/css/ Frame 4669 4 KB
1 KB 193ms
189ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/common.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

eb16c5bca8654e4bc4ea5ea9798ab144aa2cc4fac9eb172424065ac0e6827801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-f5c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 public.css
www.168xykai.com/webapp/css/ Frame 4669 22 KB
5 KB 193ms
190ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/public.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:43:46 GMT
server: nginx
etag: W/"62159152-59ac"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 ssc_index_add.css
www.168xykai.com/webapp/css/ Frame 4669 21 KB
5 KB 194ms
190ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/ssc_index_add.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

257c2ba09ca5560c8c0a7b2772beb6e040fcda0dee139896a1901bb0080ea725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-55a8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 ssc_newVersion.css
www.168xykai.com/webapp/css/ Frame 4669 22 KB
4 KB 380ms
377ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/ssc_newVersion.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

55d8170581789fd2baf42f160038645f58d3d1af667c0ce888880af5dde1e25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-5771"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 jquery-1.9.1.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 91 KB
36 KB 382ms
379ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-16b57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 Sortable.min.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 0
201 B 569ms
566ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/Sortable.min.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-0"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 0
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 jquery.async.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 902 B
1 KB 570ms
567ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/jquery.async.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-386"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 902
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 drawLines.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 24 KB
9 KB 570ms
567ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/drawLines.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-613b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 pk10BaseTrend.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 7 KB
2 KB 570ms
567ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/pk10BaseTrend.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1a2d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 date.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 8 KB
3 KB 570ms
567ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/date.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1edd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 iscroll.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 19 KB
7 KB 570ms
568ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/iscroll.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-4db3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 config.js Show response
www.168xykai.com/webapp/js/lib/ Frame 4669 9 KB
3 KB 570ms
568ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/config.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a78ee11327bd03c29b067ce5302c92e172971221bf34d152414c2a9fdda9a3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 23:59:20 GMT
server: nginx
etag: W/"62196d58-22c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 tools.js Show response
www.168xykai.com/webapp/js/local/tools/ Frame 4669 100 KB
17 KB 570ms
568ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/tools/tools.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9799dd932883288a3c6e2d4dba933ba58903621a0ca026a1b935d6c1d282d89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 12:27:02 GMT
server: nginx
etag: W/"623b1216-18fe7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 head_aozxy5.js Show response
www.168xykai.com/webapp/js/local/ssc/ Frame 4669 338 B
551 B 570ms
569ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/ssc/head_aozxy5.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Wed, 10 Feb 2021 10:25:42 GMT
server: nginx
etag: "6023b4a6-152"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 338
expires: Fri, 05 Aug 2022 13:04:47 GMT

GET
H2 200 index.js Show response
www.168xykai.com/webapp/js/local/ssc/ Frame 4669 79 KB
17 KB 570ms
569ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/ssc/index.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
last-modified: Fri, 07 Jan 2022 06:15:08 GMT
server: nginx
etag: W/"61d7da6c-13afa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:47 GMT

POST client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ 0
0

OPTIONS
H2 403 client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ Frame 0
0 7ms
7ms Preflight 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 178.162.209.134
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Fri, 05 Aug 2022 01:04:47 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 73ms
15ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 20:11:49 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 41 B
691 B 71ms
23ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=heroesneverlose.com

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0a51a3cbb5360477da05fb14837f3aec71db6b3ae7e6ff842ce6d63a0b038a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Fri, 05 Aug 2022 01:04:47 GMT

GET
H2 200 / Show response
staging-ps.ispot.tv/TC-3298-1/ 146 B
430 B 51ms
6ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staging-ps.ispot.tv/TC-3298-1/
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 49202c9fb4ab79e72dbefe0e23a3add692bc3aaa753e8fe6c8057ae6e5168e6f

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: http://heroesneverlose.com
date: Fri, 05 Aug 2022 01:04:47 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0
content-type: application/json

POST access_invalidate
gsp.target.com/gsp/oauth_tokens/v2/tokens/ 0
0

OPTIONS
H2 403 access_invalidate
gsp.target.com/gsp/oauth_tokens/v2/tokens/ Frame 0
0 8ms
8ms Preflight 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 178.162.209.134
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Fri, 05 Aug 2022 01:04:47 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 GUEST_b3cea7ef-22bf-4cdf-92bb-e100a10ec623
target.scene7.com/is/content/Target/ 545 B
704 B 10ms
9ms Image
image/svg+xml 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_b3cea7ef-22bf-4cdf-92bb-e100a10ec623

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 16 Aug 2021 07:02:34 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 545
expires: Fri, 05 Aug 2022 10:35:06 GMT

GET
H2 200 GUEST_adf88fa5-9437-443e-8ddd-674dde6c3a82
target.scene7.com/is/content/Target/ 545 B
704 B 13ms
12ms Image
image/svg+xml 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_adf88fa5-9437-443e-8ddd-674dde6c3a82

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 16 Aug 2021 07:02:34 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 545
expires: Fri, 05 Aug 2022 08:11:51 GMT

GET
H2 200 GUEST_1e7d1a3c-3927-49e3-8ef7-bac2397fb36c
target.scene7.com/is/content/Target/ 946 B
1 KB 16ms
15ms Image
image/svg+xml 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_1e7d1a3c-3927-49e3-8ef7-bac2397fb36c

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

44914fe79fff029aba62ab355d38c487ca9fd57b9e041bd435930b578d772c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 16 Aug 2021 07:02:43 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 946
expires: Fri, 05 Aug 2022 10:24:47 GMT

GET
H2 200 GUEST_77400a3e-7081-4c52-8feb-7126a78353e1
target.scene7.com/is/content/Target/ 2 KB
2 KB 18ms
18ms Image
image/svg+xml 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_77400a3e-7081-4c52-8feb-7126a78353e1

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

36fb5f6d85fee772ec2776fa91b23eab9185e1bda2bf535d5cd05cd930f24bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 23 Aug 2021 18:12:49 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1762
expires: Fri, 05 Aug 2022 04:28:57 GMT

GET
H2 200 GUEST_ca8f1d56-9000-4407-be78-2c33be983dab
target.scene7.com/is/content/Target/ 50 KB
51 KB 21ms
21ms Image
image/svg+xml 2a02:26f0:3500:58e::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_ca8f1d56-9000-4407-be78-2c33be983dab

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58e::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

93c66c5b66764b601d7d5d701a4dd3eba2fa449b3d8a6fb559f66eca70af3f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:47 GMT
last-modified: Mon, 16 Aug 2021 07:03:09 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 51602
expires: Fri, 05 Aug 2022 10:53:23 GMT

GET rid
match.adsrvr.org/track/ 0
0

GET
H2

200

any Show response
idx.liadm.com/idex/ie/
Redirect Chain

http://idx.liadm.com/idex/ie/any
https://idx.liadm.com/idex/ie/any

54 B
388 B

298ms
98ms

XHR
application/json

52.205.53.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Server

52.205.53.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-53-141.compute-1.amazonaws.com

Software

Resource Hash

cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
request-time: 1
vary: Origin
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 43038bdb732e938e
content-length: 54

Redirect headers

Date: Fri, 05 Aug 2022 01:04:48 GMT
Location: https://idx.liadm.com/idex/ie/any
Vary: Origin
Access-Control-Allow-Origin: http://heroesneverlose.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: a51d474b190797b4
Content-Length: 0

GET identity
api.rlcdn.com/api/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 118ms
32ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=heroesneverlose.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 109ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=heroesneverlose.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
13 KB 131ms
130ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=543097662989081&correlator=3351141276881257&eid=31068367%2C44768686%2C44770639&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fifs&iu_parts=7079046%2Ctgt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C1200x75%7C1200x100%7C1000x75%7C1000x100%2C320x50%7C1000x450%7C1200x450&fluid=height%2Cheight&ifi=1&adks=4090763119%2C2485956694&sfv=1-0-38&fsapi=false&prev_scp=adp%3D1%26as%3Dhomeclpu%26au%3D%252F7079046%252Ftgt%252Fhomepage%26pflag%3Dno%26pos%3Dclpu%26pt%3Dhome%26storeId%3D3909%7Cadp%3D1%26as%3Dhomemega%26au%3D%252F7079046%252Ftgt%252Fhomepage%26pflag%3Dno%26pos%3Dmega%26pt%3Dhome%26storeId%3D3909&cust_params=n_cat%3Dhomepage%26s_t%3D%26cat%3D%26fly%3D01826B888D450101770FB580DAF2540B%26item%3D%26pt%3Dhome&sc=0&cookie_enabled=1&abxe=1&dt=1659661488021&lmt=1641630316&dlt=1659661485818&idt=2166&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fheroesneverlose.com%2F&frm=20&vis=1&psz=0x0%7C0x0&msz=0x0%7C0x0&fws=132%2C132&ohw=1600%2C1600&ga_vid=1689984205.1659661488&ga_sid=1659661488&ga_hid=1198289019&ga_fc=false

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

b0816bb80a66a7967879cc703d051c9f286517ed7a6445798661f60c646905bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13018
x-xss-protection: 0
google-lineitem-id: 6070492963,5936703507
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138399352270,138383093210
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 286E 6 KB
4 KB 115ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 01:04:48 GMT
expires: Sat, 05 Aug 2023 01:04:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
578 B 90ms
20ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=557845&u=http%3A%2F%2Fheroesneverlose.com%2F&v=3
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 01:04:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thsmq7%2B7nH%2BlsrTBSFwHEI9XIdc48mlzrYd7%2Fe%2FGtep2COKEiU5r2zul8eB%2F5r9ncPQm%2BQTgTv0Ehcch7D7Pi0Csvgw1DFg6ZzonA5bWvf1RKUPCvTxmRFH8WGghswEQdc9sl12izPk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: http://heroesneverlose.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 735b9eecab80bbce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 container.html Show response
5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E5F 6 KB
3 KB 35ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 01:04:48 GMT
expires: Sat, 05 Aug 2023 01:04:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D858 6 KB
3 KB 31ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 01:04:48 GMT
expires: Sat, 05 Aug 2023 01:04:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D858 22 KB
7 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 16:27:16 GMT

GET
H2 200 9141390626556433895
tpc.googlesyndication.com/simgad/ Frame D858 134 KB
134 KB 80ms
40ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9141390626556433895?

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a40727c72c67fe20e3ff90b0518c2ba07cd617e996ea02023f53260e9680bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:26:39 GMT
x-content-type-options: nosniff
age: 59889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137532
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 13:46:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 08:26:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D858 139 KB
43 KB 64ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D858 8 KB
4 KB 67ms
7ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&cmp=DV503696&ctx=21728514&sadv=24321326&ord=2948394446&litm=5936703507&scrt=138383093210&splc=/7079046/tgt/homepage&adu=107197886&unit=0x0&dvp_qtpid=&dvp_qtsid=&btreg=5936703507138383093210&btadsrv=5936703507138383093210&spos=mega&c1=home&c2=&c3=homemega&c4=
Requested by: Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3a70d2ef9aae305829fcb5dfc6d77bf98e0d4d9c0661e67cc6f9d4967cc324e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 15:02:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0360f080a6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8E5F 22 KB
7 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 16:27:16 GMT

GET
H2 200 1719481324014379757
tpc.googlesyndication.com/simgad/ Frame 8E5F 48 KB
49 KB 62ms
24ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1719481324014379757?

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31e281994395e4e4faba085781b664794fcdb4ca396a12ebbb7f14396e79642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 05:05:36 GMT
x-content-type-options: nosniff
age: 417552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49363
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 16:47:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 31 Jul 2023 05:05:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E5F 139 KB
43 KB 92ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 8E5F 8 KB
4 KB 66ms
8ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&cmp=DV503696&ctx=21728514&sadv=24321326&ord=2948394446&litm=6070492963&scrt=138399352270&splc=/7079046/tgt/homepage&adu=107197886&unit=0x0&dvp_qtpid=&dvp_qtsid=&btreg=6070492963138399352270&btadsrv=6070492963138399352270&spos=clpu&c1=home&c2=&c3=homeclpu&c4=
Requested by: Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3a70d2ef9aae305829fcb5dfc6d77bf98e0d4d9c0661e67cc6f9d4967cc324e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 15:02:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0360f080a6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D858 0
0 62ms
62ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdDCLdkN3WmkUNpgQGpB7q0eO4YBCKro89zk3ZpHFkmvGm3sU7kuR7RVKz_MLlvwV0pgJVpzlIY_WnKbapdjmqdU_jQ5ph_vx7YgK58dQK2WW3h2EctQ7It-PwPkLPdOekhqZE_JMRG5flIw66621KeEyjwvF1TvGBu7UBmOmuIOWLa9HDZIrGyjcSjz46HmV541CwTgv-1004xXThWo0bonLmtuXUokL5-qHEYQ6kSdBlIf3DBPvFs7aZ0_qo1yZLNGeCSoMNFtD4mkDMsljlc9_B3nAJX4kB1Ls9X5wk11OKHUgr3-OIXbNZPAtat6SLujnwdm4&sai=AMfl-YRn0sYwXOMEmwGI1N53VPiOlMHrBsN1aV9-7fQmZ4e-RNgdc4m9ewvI_pleJTfK1Zy13AXA3SZXYDLfIMLqfKPsELbX-4nP3HcxBBxw&sig=Cg0ArKJSzOjkEzmOTUS_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E5F 0
0 65ms
61ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3qlQpfQuKgti9x5NgFbDMWuqWl9qLA5OXH3_yynJ63LxipEqzP5j2Fhsf9a-QBmfd9MnV5tvaxDrbBWjh9NLakwUz-S6JMWnU2DFTAK05IsJTnHLTtlHlymQqY1gGgCBhsOoBwTWqndYMuXPvd1CgkNEjNSK8w-7X3MBkaxsg8skoU3DWddU7o4T6OOO61De9RIcduYUziGd4bXNpEQXDo_XzT0JFBmRKlj70tMtksKKhNMfHjUjzvOwaA8ghgHI_Hc4SMUAGo4O3V9WLZxbZfKAwp5MAVs3BezcrS-oG4-jIX1j8EWp9C-AHgr0RmxeTGbo5CEo&sai=AMfl-YQRT8yBd65Ivl367zE2K6l9O4Ch6QcbphmI7M_1O6m5q17OzPGkjZ1UxBfn_oNZFDuTEOZHyl2lHXS7yV-5ryvZO9nF-JIeAS2mkVBb&sig=Cg0ArKJSzD4ZYnQ652psEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
URL: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D858 0
0 78ms
50ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNtRh5HFzd42opNMaHVOoFgpbe-uFGchbEiVeHn0yayCXnbmurTqKalAvOWxjMinQ6EvXTpd8aPS1YUvjDEkITSctXZiHEfVfPxAUgdNws6D_cvm0zxmQ9oKPtCRN0J_j1j_ZBd8nuChvdgyr2Y7KP-QdVXphlyVSXbKyFhZl-uBSb_ksGXHO2f9xRPncNZ-B0iBRXc0j5wECWRyAb41n42x4g5TW_mBIZDcmbjne_dV1V4l8mg6eBCCHiyb2VAg7O8Cs9GOJKOOXf0WoIiNYKEvUmdPYcJqayOnCw9cblIalFE0GJBeSLxXYm0KGn_USImprFTdkxHA&sai=AMfl-YT9zUN6-YMMq56TmnMSFmmS9DHqaxeBU4kEfRngAF3qj91-NWlXDe1D-jdwVswmt3nkaBmLksxdpOSfrPDIuoA3bIyYAgaPH_LLq3JG&sig=Cg0ArKJSzAy47VrWc6koEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H/1.1 200
OK dv-measurements2957.js Show response
cdn.doubleverify.com/ Frame 2D3D 552 KB
106 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2957.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 030a96c1203bd334b8e044fd89f18eeab5aca04c4651872c9d2233b42dc542b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 13:55:27 GMT
Server: Microsoft-IIS/10.0
ETag: "8031fe8477a6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107853

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E5F 0
0 49ms
49ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8MDWYzIqh8i6pSludcnDJ17jnmCIHtzgux462kI3XnAZoFT0Hu_MaffKS7RwthQko4jilUqWn_LkAem4JVOAjCUWRJPlRrKvRvzoxZ-e8j46uI6KTmgCHa7p7clOmjcsRpJrfuB0co85XcoDQPIHB4-JcbG8EJuXAZiejFRW3qSBA3pZG7y_6DjdjwyNxTHpTbd6eGdQaUVeL7F_1mVuLZppGE-F5jT6WTbIPaS3KaezbQmuj84RVS16uXPPCq4g0MiM_KWewTtOT4DNKdHCc7Oybj5iD6rhO3tM5RPVaN5-Egz5pXdJ5qOxMSb-RrmIv9YGIKrDIQA&sai=AMfl-YRsCn3UaBl4bHLjEWoAd5KwI009IZH-pE6N0WqSR3HPdV1d8lfzBe0sUecVR97sM5fVW7Hm3K4HxqGXehLaGekcD3oOnpsuRPW6DTob&sig=Cg0ArKJSzMRW9744WaKGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 05 Aug 2022 01:04:48 GMT

GET
H/1.1 200
OK dv-measurements2957.js Show response
cdn.doubleverify.com/ Frame 485A 552 KB
106 KB 12ms
7ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2957.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 030a96c1203bd334b8e044fd89f18eeab5aca04c4651872c9d2233b42dc542b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 01:04:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 13:55:27 GMT
Server: Microsoft-IIS/10.0
ETag: "8031fe8477a6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107853

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2D3D 694 B
681 B 189ms
11ms Script
text/javascript 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=60&ttfrms=27&brid=3&brver=104.0.5112.79&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETar9EEADTbpTauTaud2623%60hcd6hc47bbgh__d3%60677ag7aha%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=59&ddur=69&uid=1659661488445320&jsCallback=dvCallback_1659661488445360&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2957&tgjsver=2957&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=5&brh=2&sdf=2050&dvp_epl=233&noc=4&nav_pltfrm=Win32&ctx=21728514&cmp=DV503696&btreg=5936703507138383093210&btadsrv=5936703507138383093210&adsrv=104&unit=0x0&seltag=1&sadv=24321326&ord=2948394446&litm=5936703507&scrt=138383093210&splc=/7079046/tgt/homepage&adu=107197886&spos=mega&c1=home&c3=homemega&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=617364.8648391447&dvp_tukv=26777050505.70236&dvp_uuid=5270248022.008813&dvp_strhd=0.3000011444091797&dvpx_strhd=0.3000011444091797&dvp_tuid=768067533452
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2957.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 261db910c7663cdae9f781c2293426c058a4780fd9d7b1f81be4a2fd68fad828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 01:04:47 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 08/04/2022 01:04:48

GET
H2 200 haomaimg.png
www.168xykai.com/webapp/img/ Frame 4669 178 KB
179 KB 192ms
191ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/haomaimg.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/public.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/public.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-2c891"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 182417
expires: Sun, 04 Sep 2022 01:04:48 GMT

GET
H2 200 px10obj.png
www.168xykai.com/webapp/img/cltj_img/ Frame 4669 3 KB
3 KB 387ms
387ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/cltj_img/px10obj.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/pk10.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/pk10.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-b3a"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2874
expires: Sun, 04 Sep 2022 01:04:48 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 485A 694 B
681 B 28ms
14ms Script
text/javascript 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=210&ttfrms=8&brid=3&brver=104.0.5112.79&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETar9EEADTbpTauTaud2623%60hcd6hc47bbgh__d3%60677ag7aha%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=64&ddur=67&uid=1659661488618778&jsCallback=dvCallback_1659661488618843&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F104.0.5112.79%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2957&tgjsver=2957&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=5&brh=2&sdf=2050&dvp_epl=233&noc=4&nav_pltfrm=Win32&ctx=21728514&cmp=DV503696&btreg=6070492963138399352270&btadsrv=6070492963138399352270&adsrv=104&unit=0x0&seltag=1&sadv=24321326&ord=2948394446&litm=6070492963&scrt=138399352270&splc=/7079046/tgt/homepage&adu=107197886&spos=clpu&c1=home&c3=homeclpu&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=58915269845.69369&dvp_tukv=28694985737.823353&dvp_uuid=5666955197.728205&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=164460743336
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2957.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: beff211ee70ad52616d3693fa0179ee6ce0588e6744a4fa34e4276a7d6dff0d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Aug 2022 01:04:48 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 08/04/2022 01:04:48

GET
H2 200 azxy5_index.html Show response
www.168xykai.com/webapp/js/lib/video/SSC/ Frame 019E 5 KB
1 KB 251ms
251ms Document
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a68414d4126341df887b34672dad89ae3657328127e341736328f0124eabf8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 05 Aug 2022 01:04:48 GMT
etag: W/"621587b8-1302"
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 icon-168index.png
www.168xykai.com/webapp/img/cltj_img/ Frame 4669 28 KB
28 KB 251ms
251ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/cltj_img/icon-168index.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/ssc_newVersion.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/ssc_newVersion.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-7031"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28721
expires: Sun, 04 Sep 2022 01:04:48 GMT

GET
H2 200 getNoAdvertisingDomain.do Show response
api.api68.com/parameters/ Frame 4669 698 B
814 B 615ms
578ms XHR
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/parameters/getNoAdvertisingDomain.do
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa12cc36090af70707717a1453c986e1f453196f2d56ffe841a4a07ff2fa1c4

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY9Q%2BAvEzTBHm9diD3Ep7HnFhy27oqZwPMRT5eZeW0uTufDvoYdDcwHUhoo2owSYLwWMv2p1C7%2FbxwLO4g%2FOjErzet2vJZGtEGiSH4Nl24Waktrx9t6zhecJrSZkl1zE"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 735b9ef0eef592b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 head.html Show response
www.168xykai.com/webapp/html/public/ Frame 4669 1 KB
809 B 240ms
240ms XHR
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/public/head.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

dd52e302a990d06a8fc622322474888af94376f4ca6c245503a580de99e7d328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 20:21:08 GMT
server: nginx
etag: W/"62193a34-50a"
vary: Accept-Encoding
content-type: text/html
strict-transport-security: max-age=31536000

GET
H2 200 footer.html Show response
www.168xykai.com/webapp/html/public/ Frame 4669 193 B
345 B 240ms
240ms XHR
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/public/footer.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

310decd547d1d8e6b28dd54d81215476ed3d42373a3cced655a076eae80fc2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:48 GMT
last-modified: Wed, 23 Mar 2022 13:46:46 GMT
server: nginx
etag: "623b24c6-c1"
strict-transport-security: max-age=31536000
content-type: text/html
accept-ranges: bytes
content-length: 193

GET
H2 200 getBaseCQShiCai.do Show response
api.api68.com/CQShiCai/ Frame 4669 955 B
743 B 604ms
585ms XHR
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a504ae3bef1319bfc9f409ba37c6144aa84b90e5c9a1f5c67fb79ad407f7ad

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4Asa7WrRQUUfkp305wgRQYGUdwLxQRMJEHQvZBPFfZeuXtamCf%2BE9zLjV7Ax7TxxgLY3%2Bis6%2BP6eVbY7v0NuNEbTgBDWMZL2QBfM7qfcgLDHJrprYSS9w3XYknJ%2Fq1d"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 735b9ef0eef792b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 getBaseCQShiCaiList.do Show response
api.api68.com/CQShiCai/ Frame 4669 44 KB
3 KB 619ms
601ms XHR
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0f0f9e279a33ac129d8d101567c203540e09bd83e276cb1e5456972906a708

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuCPaMtxy9Eof3BsR9EAmkQG4cm%2BwDZyBAgHMSkJLMOsBAjqgAUcihtKzDKD6oYC7WuEbRu1GVvKBy%2F3OpMJ%2FmKj8x5T%2BjNM1RZhSGs9llMe1m1dNHoX17fczAUKMWK0"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 735b9ef0eef892b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.168xykai.com/webapp/js/lib/video/SSC/css/ Frame 019E 10 KB
2 KB 190ms
189ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b2bdceccb2ac9fa71b5b159abea0b97cfbb05e8094d26bd6c88bf995fa559dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-28b6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:49 GMT

GET
H2 200 animateTool.css
www.168xykai.com/webapp/js/lib/video/SSC/css/ Frame 019E 14 KB
2 KB 190ms
190ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/css/animateTool.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef3b65f6b8dbb36ca310c2bc5f03f8ca3b1eb3ae8a005fdef82c00c37e0a71e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-3893"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:49 GMT

GET
H2 200 bodybg.jpg
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 189 KB
190 KB 203ms
203ms Image
image/jpeg 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/bodybg.jpg

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

db2c5fdb33aa677a6314280930b5aa54d9ad5abcd7add88ad86c47def48a862e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-2f502"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 193794
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 jquery-1.9.1.js Show response
www.168xykai.com/webapp/js/lib/video/SSC/js/ Frame 019E 91 KB
36 KB 195ms
194ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/js/jquery-1.9.1.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-16b57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:49 GMT

GET
H2 200 victor1.0.js Show response
www.168xykai.com/webapp/js/lib/video/SSC/js/ Frame 019E 6 KB
2 KB 200ms
199ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/js/victor1.0.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e0db7104e68f976000d4ed77d3fbb3a2dc3a35089f414acf0f3a8007c004b4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1824"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Fri, 05 Aug 2022 13:04:49 GMT

GET
H2 200 bg_icon.png
www.168xykai.com/webapp/img/ Frame 4669 15 KB
15 KB 192ms
191ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/bg_icon.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/public.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a5c7914a21f1db358506caaf95ff6d1838769e4c303e6cfa5ebbacdb0b97643b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/public.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-3c2a"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15402
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 azxy5_logo.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 47 KB
47 KB 192ms
189ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/azxy5_logo.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fb6dfea4c610618282f804dab352cf68c725bc08149331834c201db06e38c28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-bb48"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47944
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 afterbg.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 2 KB
2 KB 196ms
194ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/afterbg.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

29887eb2dd4264e6a8a865e87d28ed36e8afcac723cb3c739269b2136f08fd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-8e0"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2272
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 big.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 3 KB
3 KB 197ms
194ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/big.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ad86d9749d863cbcb78bdce34259742a44f340e9edce031bec692e87909350f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-cf0"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3312
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 small.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 3 KB
3 KB 197ms
194ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/small.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

d6f9a132bc1e9cdc507ddba4c551ca97583a4d71c9297ba144cb5d5eae64a230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-b9d"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2973
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 before.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 2 KB
2 KB 197ms
195ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/before.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4894767b9192be6a125f7e8e87d0164664edc0eb7dc6c1513a8c4c8a4a223656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-854"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2132
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 2.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame 019E 16 KB
16 KB 198ms
195ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/2.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

56658ec0fa8c8a58a1fbdc69619d6312321ecc5efb0d81d05b13460931912a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-40bb"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16571
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 1.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame 019E 16 KB
16 KB 198ms
197ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/1.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b8cf97611df463cfb4bb0e7b5c21613fb270f65bfa506e66f15c813fb0bed102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-3eda"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16090
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 0.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame 019E 16 KB
17 KB 200ms
198ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/0.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a1bb8cc3048fb0bed1c0f32defcfe7186503f168ef2946fae99666dd092e6588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-411e"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16670
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 9.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame 019E 16 KB
17 KB 202ms
200ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/9.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

aa7597e82c88be1b4278646cfebc7526fa3e13bc4de86b9db54fc1ede0a9f195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-419d"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16797
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 6.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame 019E 16 KB
17 KB 202ms
201ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/6.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bf410a3c461cdae4f4074ec3a3cc7d89b382eab47aa3bf235105a43641c65427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-4192"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16786
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 single.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 4 KB
4 KB 203ms
202ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/single.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e76bfde20adeb8f53980d30a21512d1bbfc0ec8f05b0a097fcee7fb9ca5f9151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-e4d"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3661
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 double.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 4 KB
4 KB 204ms
203ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/double.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

baa6725275065ad9e4afc41f19132568d13e4f775ebfccdf86b2e5c65ec87297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-e17"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3607
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 trybtn.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 24 KB
24 KB 379ms
378ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/trybtn.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bc3695817c215070652a970608689809e46a982bc4ecd1e2ada303e7168ea466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-5f46"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24390
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 vulebtn.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame 019E 32 KB
32 KB 381ms
381ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/vulebtn.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

6614b921e301a58dc279b449d0ca214c61ca0e1fdad9d1be0bb94d42d5010ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-7e1b"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32283
expires: Sun, 04 Sep 2022 01:04:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 81ms
28ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080101&st=env

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2dfaa8e7fed2feff52bd56039a13dc68bdf35b9d2d96ae6a30af848fd26de2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10572
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:04:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6DD 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:12:06 GMT
expires: Fri, 04 Aug 2023 19:12:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D478 783 B
1 KB 59ms
24ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

956a6cfe6fae862c8a5f09f71475b000abd8ce71c268378b79f436079665ae14

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ukWWNOPmPOlnNBmmiqAgcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-ukWWNOPmPOlnNBmmiqAgcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 01:04:49 GMT
expires: Fri, 05 Aug 2022 01:04:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 queryDoubleNumber.do Show response
api.api68.com/CQShiCai/ Frame 4669 643 B
898 B 602ms
591ms XHR
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f68347f1a5ad976ad210da5bf5150367c71dc55a8581f28b191776f966db365b

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0JDhKFcrwj1MhB7vWhC13ySCKYCnT%2FEprVZGKmt8tI8CibHvWLjFIz0S0LqYbGD%2BjuLpRPND84N8uyQhUiTOnkO%2FxTGbNYO3DYjZ27TpxEY7lX%2FC8OHygUhUF8YLusb"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 735b9ef72c709b3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js Show response
pagead2.googlesyndication.com/bg/ Frame C6DD 36 KB
14 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14146
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:15:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D478 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080101&jk=543097662989081&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C6DD 0
9 B 13ms
12ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lvIePA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080101&jk=543097662989081&bg=!-vml-b3NAAZGjrx1Zo47ACkAdvg8WudcHvRMp5x23beLn5UjLLOeFNTow1QGqAVL737Xw-5njcC36gIAAABLUgAAAAFoAQcKADkfnLlr--xBruzul9A0Ye_t_Z9Nz_yxLNFQKfAb7ckpL_7eMdpD4C4SpHj5GlvN-rgW2RzV2AV7vY2ZAtrjigJy38t-L3OiaOBwEltchDuFdO1WmAbSR1wdh7KSWOUhMRm_T6mNNaq7LxWp3AT9SMNtBs1xffJyilbOepCytkZBIS13uC0dWXSmDsq1HNoHyl6iSZta2xALH-O8lgF4YCeYVN_yG0fTusL3Gd-a6CVCuLcMuq3CmCVWON021wro2TIYpiUVF-6eicH0c1H0L_q5iz8KO-oHIP-MLkcBGMYcp6nxGcRe3XJoa8iNJglmCu7GNrmhevJwEoAIBWrwXQqy8UYGBTzANPMawCLDtanrg8t2U8V5PxkArHcemahG0BP7ci-HhQ6VUmJ6-ktDdLNIxDjI2AeyLP8igGvGFOCZ6EL9LTGieYB6770yLYFWT-_MP-t5e5kXBc-I5GDNOVMxQ0xL6WVTe5AP-FuuQHEYXCHm4XVv1GlviYRiFaV1feLoWZMLmM2Z0xAW5XJ8SANt7kkkguyunfNJzFkP_l87y2uXkLZmNkZClyGbBzg2HlE81mMIEIyD-YfSUVmYQD957bqglcPOKJ-3CoPUJ7P8EU6fX3JY9mVW8JEqvrvFg0CF9U4qcc528wxPguMn3ADoc8aUJrOQfePc8K8WHDjgsWw1z3aM04EtGh8n0MoE-s2Q-Ryc3avLz9NW69H7aX49lNTBzLRFB0ZLBSgnD1n8QQv1qlPKsrz7uc6epntITQ8uESozcEt9no-UQL8O1Z97GKaJiF8i2t5Ql_yN3MdFXSiC6KWRhtEOQMFsp9uQsWPZS0bg8PUnwSoIukqXLufompqwYKj55wQApNUzHPSn4d-LdRmdFAkC6hEwPWr59snx21QgBp4Er5McHHSzYnC8dWNnZmo9_4BhQ3JCbPq7wPgN9cqKXuLSfw_ULLbRY2CIliq86IAtx1K_488eV8YW2C6BWxODEZyb2XAEK3yqlhN65sOFfzitKC1GHZKXvY94Gl9yapn0q6-N-Um39YUTT1cQjO0F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 getShiCaiDailyDragonCount.do Show response
api.api68.com/CQShiCai/ Frame 4669 257 B
664 B 296ms
295ms XHR
text/html 188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e59eae01368ffa1b2cd435416eb231c13781b0e34da6d8af418f63fb3820d08

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:04:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OzMGGLs8VLkCuN8JjRyUdXRevs%2BoI4dDKuKlwlOsxGUHQHmkgfg3MzhF6aVqRm1Qrnhnr8TvfRCwErz%2BFguwFRgZhE%2FQ8F5%2F1TKXpA5hGGUmCAQD04o1AZun1yb6mDX"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 735b9efd580f9b3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors~aisles-products-container~bia-carousel~choose-options-content~custom-plp~deal-details-contai~977bdf03.027dae72.js Show response
assets.targetimg1.com/ui/ 22 KB
3 KB 7ms
7ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~aisles-products-container~bia-carousel~choose-options-content~custom-plp~deal-details-contai~977bdf03.027dae72.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ef5f1815c9e6c51df20644d8ec8df92a15136db6292345aa1984e3cf0382005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:50 GMT
content-encoding: br
last-modified: Wed, 08 Dec 2021 23:01:44 GMT
server: UploadServer
age: 5017099
etag: "ce86f49afb678dba3c14eeadff40968d"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3351

GET
H2 200 product-grid.127ab4f0.js Show response
assets.targetimg1.com/ui/ 916 KB
165 KB 9ms
8ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/product-grid.127ab4f0.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1aed9325345db549cfa775f5991cbd99ff99ff9716aa1e22ff008b2f66136325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:50 GMT
content-encoding: br
last-modified: Mon, 03 Jan 2022 08:19:22 GMT
server: UploadServer
age: 2585216
etag: "f62aeb3c29fa46ae7168d6f3c79b6e37"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 169090

GET
H2 200 pdp.5f90b300.js Show response
assets.targetimg1.com/ui/ 1 MB
196 KB 10ms
10ms Script
application/javascript 151.101.66.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/pdp.5f90b300.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

985e168d77e2d6aeae05b7e7de106a6326882657d7741f8d5e38fdedec5fa805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

clientgeo: DE
date: Fri, 05 Aug 2022 01:04:51 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 17:30:37 GMT
server: UploadServer
age: 3204549
etag: "29a5ddbaf0c5af25259d1abdfd9756ce"
clientip: 178.162.209.134
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 200158

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 2D3D 0
210 B 35ms
11ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=0d07b45bfd7a4bab9ce75296c5813c09&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=190&eoid=12&msrjs=2957&sdf=2050&vit=2&isvelg=1&rmi=16&tltms=69&tetms=8&msltms=21&vltms=190&sei=289&vetms=132&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=264&msrcannum=2&ismms=37&isumms=37&nvr=2&isgmmims=37&isgmv4mims=37&elmtp=4&isbxdms=3038&b0=3104&dvp_vsosnmr=3&lftb=3104&sftb=3104&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=36&dvp_dpr=1&dvp_itg=HEAD:1,META:1,TITLE:1,SCRIPT:9,STYLE:2,BODY:1,SPAN:1,DIV:5,A:1,PICTURE:1,SOURCE:2,IMG:1,IFRAME:15,&ttfurm=3350&cbust=1659661491770467
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2957.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 05 Aug 2022 01:04:51 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/04/2022 01:04:51

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 485A 0
210 B 29ms
8ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a00c4e318fc94f56be134e1aad469f37&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=29&eoid=12&msrjs=2957&sdf=2050&vit=2&isvelg=1&rmi=16&tltms=67&tetms=7&msltms=16&vltms=29&sei=289&vetms=125&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=264&msrcannum=2&ismms=11&isumms=11&nvr=2&isgmmims=11&isgmv4mims=11&elmtp=4&isbxdms=3011&b0=3184&dvp_vsosnmr=3&lftb=3184&sftb=3184&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=10&dvp_dpr=1&dvp_itg=HEAD:1,META:1,TITLE:1,SCRIPT:9,STYLE:2,BODY:1,SPAN:1,DIV:5,A:1,PICTURE:1,SOURCE:3,IMG:1,IFRAME:15,&ttfurm=3162&cbust=1659661491773346
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2957.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 05 Aug 2022 01:04:51 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 08/04/2022 01:04:51

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2

Domain: redsky.target.com
URL: https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile

Domain: api.target.com
URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Domain: redoak.target.com
URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav

Domain: typeahead.target.com
URL: https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=01826B888D450101770FB580DAF2540B

Domain: redoak.target.com
URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff

Domain: api.target.com
URL: https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336

Domain: api.rlcdn.com
URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Target (Retail)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-20 14:22:37	Name: uid Value: 0c71e60c-3cb4-413c-80d4-7937996023a4
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51uvsct__JWt5y7kp2GoqVv83 Value: 1
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vcke__JWt5y7kp2GoqVv83 Value: 45924d72-7bc1-54cf-a464-731fe33c2c9c
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vuft__JWt5y7kp2GoqVv83 Value: 1659661487812
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWu0PIT6g30HpM4D Value: %7B%22sid%22%3A%20%229c08707f-844d-5a6e-9324-0b3e67fda4f7%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201659663287822%2C%20%22ct%22%3A%201659661487822%7D
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51uvsct__JWu0PIT6g30HpM4D Value: 1
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vcke__JWu0PIT6g30HpM4D Value: 66ed2a49-51f5-5bc2-bf57-98eb4d848dc3
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vuft__JWu0PIT6g30HpM4D Value: 1659661487824
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWt5y7kp2GoqVv83 Value: %7B%22sid%22%3A%20%22f53fe625-3d52-5fd7-b0a9-9f0cc5ad15ed%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2024%2C%20%22dr%22%3A%2024%2C%20%22expires%22%3A%201659663287832%2C%20%22ct%22%3A%201659661487832%7D
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWtzv9REIOATXrd1 Value: %7B%22sid%22%3A%20%223540308e-2c96-543c-acd9-46a76dd1362c%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201659663287839%2C%20%22ct%22%3A%201659661487839%7D
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51uvsct__JWtzv9REIOATXrd1 Value: 1
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vcke__JWtzv9REIOATXrd1 Value: dfb17390-425b-5877-a268-e4075e6c31cc
heroesneverlose.com/	1970-01-20 14:37:01	Name: __51vuft__JWtzv9REIOATXrd1 Value: 1659661487840
.ispot.tv/	1970-01-20 14:37:01	Name: pt Value: v2:1a778f8ddc05f7eb6b9091fea62c3447d45e277d6852f826888108c44a0da84d\|d6a0528e77ad7506e7b44fe09801d9ca25ab835786c94172c17d18f41c5fa2f9
.heroesneverlose.com/	1970-01-20 14:22:37	Name: __gads Value: ID=24e1c44b387e6831:T=1659661488:S=ALNI_MYKvSV7wPeZZOvIBj0QGy9BbPzlMQ
.doubleclick.net/	1970-01-20 14:22:37	Name: IDE Value: AHWqTUkZXv1RWlmOUn7sezFixh7b2ybCnHcjl-KwG7MUQBe4C2bCyf337AImG_jtiBE
.liadm.com/	1970-01-20 14:37:01	Name: lidid Value: 7bf38b02-14fc-491c-98c5-c23deaf1651b

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=01826B888D450101770FB580DAF2540B' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=01826B888D450101770FB580DAF2540B Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://heroesneverlose.com/assets/02af86f652c55c872fd6.worker.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'http://api.rlcdn.com/api/identity?pid=2&rt=envelope' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AECMFjR-AQAAhggUdc5Uq1I2H4xPHGnEHy94eOfqvC0XodhG72TWirfXhLs0&X-GyJwza5Z--z=q Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5aeab1945e94cf3389005b1eff28f292.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.api68.com
api.rlcdn.com
api.target.com
as-sec.casalemedia.com
assets.targetimg1.com
bd51static.com
cdn.doubleverify.com
collect-v6.51.la
gsp.target.com
gum.criteo.com
heroesneverlose.com
idx.liadm.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
redoak.target.com
redsky.target.com
sdk.51.la
securepubads.g.doubleclick.net
staging-ps.ispot.tv
taglocker.target.com
target.scene7.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
typeahead.target.com
www.168xykai.com
www.google.com
www.googletagservices.com
api.rlcdn.com
api.target.com
assets.targetimg1.com
gsp.target.com
match.adsrvr.org
redoak.target.com
redsky.target.com
typeahead.target.com
104.18.18.126
151.101.194.132
151.101.66.180
172.217.18.2
183.131.207.66
188.114.96.12
213.254.244.105
23.226.8.98
23.35.236.247
2606:4700:3035::6815:248e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:26f0:3500:585::4469
2a02:26f0:3500:58e::9b6
35.215.138.177
47.253.50.2
52.205.53.141
01a93dfbac49ab4011cc775caeaacb982c7c4d99fd58881a5ca39e5f3666c5cb
01f555cd17b43727b8cc4cd18dedd0e733f66e5dddee1a28b002f6cf694e8836
030a96c1203bd334b8e044fd89f18eeab5aca04c4651872c9d2233b42dc542b1
03b314f0ccde18fc10dee3b6359c0fd3cba040c776d9c9a2adc95b74531566d5
046792693897976abb56b2c35ff75cb9d23967689c13490f197c7283280d00d2
0a51a3cbb5360477da05fb14837f3aec71db6b3ae7e6ff842ce6d63a0b038a31
0a81ea919d1a25e409516fd6518af325fde9d7718e6dc84c38fb696c607ef0d6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf298905a6876b2243e3e4c09127a089c1728d910bf171ac8bf1c5d4b954df8
124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139
1658f2df4d6ecec829a89fd58160c8c607b0be2b041799df9c06e11fffa7014b
16e939f8b7ed5985fd8f6ce1937f481917afc14c52ee75c1546213e52f510a78
1a0a0635fb1e006c86a6829a8819d9f16c5d092bed071dd1b1936dc93ded8b7d
1aed9325345db549cfa775f5991cbd99ff99ff9716aa1e22ff008b2f66136325
1e59eae01368ffa1b2cd435416eb231c13781b0e34da6d8af418f63fb3820d08
257c2ba09ca5560c8c0a7b2772beb6e040fcda0dee139896a1901bb0080ea725
261db910c7663cdae9f781c2293426c058a4780fd9d7b1f81be4a2fd68fad828
29887eb2dd4264e6a8a865e87d28ed36e8afcac723cb3c739269b2136f08fd49
2cd69edba71483d88d9663a598f00d975a52b3a8a8422e7c9d50fd1ac3f0464b
2dd509be95d1bc89631a970c86f557f2c482ec5c42a8c3ec815b57dbd9358bea
310decd547d1d8e6b28dd54d81215476ed3d42373a3cced655a076eae80fc2b5
31b9ee97691d5c575c28a17402684407a2783e32d14b7683769046ab290c6a60
32a504ae3bef1319bfc9f409ba37c6144aa84b90e5c9a1f5c67fb79ad407f7ad
36fb5f6d85fee772ec2776fa91b23eab9185e1bda2bf535d5cd05cd930f24bdd
39132c14b5a679cded4d3716ce574c2fd7f7dfe195567b667f6a7ca8e09d7f98
3a70d2ef9aae305829fcb5dfc6d77bf98e0d4d9c0661e67cc6f9d4967cc324e2
3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c
3e7c94d6bc1fa1836b7656846998a9924de3741de5c9980fc08087a28020915c
441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e
44914fe79fff029aba62ab355d38c487ca9fd57b9e041bd435930b578d772c21
456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47
478d0bbd46898117c0c6c969a2b02f15892f485fdf1189e615596593231b6523
4894767b9192be6a125f7e8e87d0164664edc0eb7dc6c1513a8c4c8a4a223656
49202c9fb4ab79e72dbefe0e23a3add692bc3aaa753e8fe6c8057ae6e5168e6f
4e282ece85fdead2331e1d46c6ae38d8c3a82efa65496425b75de473ff1ae310
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78
54c871fcad054977c3ae7fa603a999d734dd3260d04cdbc2b997366e5c9a9410
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d8170581789fd2baf42f160038645f58d3d1af667c0ce888880af5dde1e25e
56658ec0fa8c8a58a1fbdc69619d6312321ecc5efb0d81d05b13460931912a61
5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e
5ef5f1815c9e6c51df20644d8ec8df92a15136db6292345aa1984e3cf0382005
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6614b921e301a58dc279b449d0ca214c61ca0e1fdad9d1be0bb94d42d5010ce0
69306c3dd976f4d8e0c29cbddd3c9ca2264ed87e829001dcd2628d4e1a030786
7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90
733daa7484751548c4eec2749ef727cf72da020952bd868f6b7c78fb7564be88
78c32fe5f5d69190c29668c1e72dceaf733f582165a1e89f58ff7d66108862ad
7c3c6f6caa770ec53b05be3f22fe90bbe8f46545e2e554b1815b41658b491412
7f10f3ea7a7df40b7b87f48e2cc894f78d8e3af1c5af340190cc413589420f29
809620cef78af3e67e7f6c3deb2919aa90d07347178bae77791a723624981ede
84b939d80ed9f3f746372a752072f8f1f277c73e726b52c09341e42425b84b7c
8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb
90f756d8c92a5128c97bd2f9529d12aa9a389114a0a9f46440ac2ba052483626
91ace93a65853b38d31565f87bc6c7cb45a675f938b771fc72bdb05804968c89
93c66c5b66764b601d7d5d701a4dd3eba2fa449b3d8a6fb559f66eca70af3f28
956a6cfe6fae862c8a5f09f71475b000abd8ce71c268378b79f436079665ae14
9799dd932883288a3c6e2d4dba933ba58903621a0ca026a1b935d6c1d282d89a
985e168d77e2d6aeae05b7e7de106a6326882657d7741f8d5e38fdedec5fa805
9aa12cc36090af70707717a1453c986e1f453196f2d56ffe841a4a07ff2fa1c4
9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f
9bb440bbe7f4688873a86d4b9c1dc1db13cc57210b365b269a38febbc8510ce3
a1bb8cc3048fb0bed1c0f32defcfe7186503f168ef2946fae99666dd092e6588
a31e281994395e4e4faba085781b664794fcdb4ca396a12ebbb7f14396e79642
a40727c72c67fe20e3ff90b0518c2ba07cd617e996ea02023f53260e9680bf55
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97
a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb
a5c7914a21f1db358506caaf95ff6d1838769e4c303e6cfa5ebbacdb0b97643b
a68414d4126341df887b34672dad89ae3657328127e341736328f0124eabf8a9
a6dd77ecea1a7beda91ec84889673721d83a12a946879fc4c4cba442ab2ecf14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78ee11327bd03c29b067ce5302c92e172971221bf34d152414c2a9fdda9a3f5
a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d
a9dd42bf071ee7b8446dc6ec88643c23bdf86f75aa1bef96cd40c0cb9fa04ff0
aa7597e82c88be1b4278646cfebc7526fa3e13bc4de86b9db54fc1ede0a9f195
ad86d9749d863cbcb78bdce34259742a44f340e9edce031bec692e87909350f9
ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9
afe7c81e459667fb7addee71da365e8941bfa065e63438018d861351cfc0d33d
b0816bb80a66a7967879cc703d051c9f286517ed7a6445798661f60c646905bb
b172da75fa18117aa61bec83dda67860e78a53340456a940eaf3167c0a205a48
b2bdceccb2ac9fa71b5b159abea0b97cfbb05e8094d26bd6c88bf995fa559dd8
b2dfaa8e7fed2feff52bd56039a13dc68bdf35b9d2d96ae6a30af848fd26de2e
b8cf97611df463cfb4bb0e7b5c21613fb270f65bfa506e66f15c813fb0bed102
ba0f0f9e279a33ac129d8d101567c203540e09bd83e276cb1e5456972906a708
baa6725275065ad9e4afc41f19132568d13e4f775ebfccdf86b2e5c65ec87297
bc3695817c215070652a970608689809e46a982bc4ecd1e2ada303e7168ea466
bc3b0b231b86320752165cde270fb8d7ecce1f2e40b1fb8a64965c30da33e131
beda50ffb37380e9bc0b802c16c12befd80cc200158460be51dea369d46f1e59
beff211ee70ad52616d3693fa0179ee6ce0588e6744a4fa34e4276a7d6dff0d3
bf410a3c461cdae4f4074ec3a3cc7d89b382eab47aa3bf235105a43641c65427
c1aa9f948b6d1336bbcc6970af451432da85643c3136a7c5ebee7ddb61af9c64
c939f66194c0917a84cf4bc054dd45a575f9b7b219b4127fe3915681c8bfd81f
cba1227e78513169698e2b0cf72cd24505429292ecdcb849a8f8f33b9ae5e1d9
ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9
cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d2d6d7749d15f49caeb37cfc4170ce1d61e823627a36e7f349defd2429089646
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6f9a132bc1e9cdc507ddba4c551ca97583a4d71c9297ba144cb5d5eae64a230
db2c5fdb33aa677a6314280930b5aa54d9ad5abcd7add88ad86c47def48a862e
dd52e302a990d06a8fc622322474888af94376f4ca6c245503a580de99e7d328
ddbbac1ac090468fa41ce9b50b5c4bd86435866bd7cc1a0ead560ca55733e56f
e0db7104e68f976000d4ed77d3fbb3a2dc3a35089f414acf0f3a8007c004b4dc
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76bfde20adeb8f53980d30a21512d1bbfc0ec8f05b0a097fcee7fb9ca5f9151
e79c6e8abe5bbf62f7bdb994e8ce35dac5fa4970f8201a4b3695cb7083cffb88
eb16c5bca8654e4bc4ea5ea9798ab144aa2cc4fac9eb172424065ac0e6827801
ef3b65f6b8dbb36ca310c2bc5f03f8ca3b1eb3ae8a005fdef82c00c37e0a71e6
f68347f1a5ad976ad210da5bf5150367c71dc55a8581f28b191776f966db365b
fb6dfea4c610618282f804dab352cf68c725bc08149331834c201db06e38c28f

heroesneverlose.com Open in urlscan Pro 23.226.8.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

159 Requests

70 %HTTPS

48 %IPv6

21 Domains

32 Subdomains

24 IPs

7 Countries

3399 kBTransfer

9908 kBSize

17 Cookies

48 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heroesneverlose.com Open in urlscan Pro
23.226.8.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

70 %
HTTPS

48 %
IPv6

21
Domains

32
Subdomains

24
IPs

7
Countries

3399 kB
Transfer

9908 kB
Size

17
Cookies

159 HTTP transactions
1 data transactions