goheels.com Open in urlscan Pro
18.119.68.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goheels.com/
Effective URL:
https://goheels.com/
Submission: On January 25 via api (January 25th 2024, 5:48:51 am UTC) from US — Scanned from DE

Summary HTTP 300 Redirects Links 106 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 29 domains to perform 300 HTTP transactions. The main IP is 18.119.68.163, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is goheels.com. The Cisco Umbrella rank of the primary domain is 218731.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 10th 2023. Valid for: a year.

This is the only time goheels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 65	18.119.68.163 18.119.68.163	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:2250:ca00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.51 13.32.27.51	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
33	108.138.24.192 108.138.24.192	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
4	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	18.245.31.66 18.245.31.66	16509 (AMAZON-02) (AMAZON-02)
1	2.23.78.67 2.23.78.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	54.246.229.145 54.246.229.145	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	63.32.16.169 63.32.16.169	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	52.217.125.65 52.217.125.65	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
26	18.66.122.103 18.66.122.103	16509 (AMAZON-02) (AMAZON-02)
1	3.5.29.82 3.5.29.82	14618 (AMAZON-AES) (AMAZON-AES)
10 10	108.138.24.43 108.138.24.43	16509 (AMAZON-02) (AMAZON-02)
2	44.233.137.117 44.233.137.117	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	23.37.51.81 23.37.51.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	147.154.54.13 147.154.54.13	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
300	44

65 18.119.68.163 (Columbus, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-68-163.us-east-2.compute.amazonaws.com

goheels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:ca00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-51.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 108.138.24.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-192.fra56.r.cloudfront.net

dxbhsrqyrr690.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-66.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.229.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-229-145.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.16.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-16-169.eu-west-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.125.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.66.122.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-103.fra60.r.cloudfront.net

images.sidearmdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.29.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-depr-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.24.43 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-43.fra56.r.cloudfront.net

d141rwalb2fvgk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.233.137.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-137-117.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.51.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-51-81.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.154.54.13 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

t.goheels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	goheels.com 7 redirects goheels.com — Cisco Umbrella Rank: 218731 t.goheels.com — Cisco Umbrella Rank: 554159	878 KB
62	googlesyndication.com 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	629 KB
43	cloudfront.net 10 redirects dxbhsrqyrr690.cloudfront.net d141rwalb2fvgk.cloudfront.net	26 MB
29	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	378 KB
26	sidearmdev.com images.sidearmdev.com — Cisco Umbrella Rank: 22920	875 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	37 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	79 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	510 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	390 KB
5	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425 cdn.id5-sync.com — Cisco Umbrella Rank: 857	58 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	401 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	392 KB
4	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1486	977 B
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	24 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1857	5 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5511	143 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	625 B
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 5055	374 B
2	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9228 ams-depr-public.s3.amazonaws.com — Cisco Umbrella Rank: 40587	891 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1011 ats.rlcdn.com — Cisco Umbrella Rank: 4345	35 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463	119 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7889	127 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6460	3 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1860	609 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	271 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
300	29

	Domain	Requested by
65	goheels.com	6 redirects goheels.com cdn.transcend.io
33	dxbhsrqyrr690.cloudfront.net	goheels.com cdn.transcend.io
30	pagead2.googlesyndication.com	goheels.com 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.transcend.io www.googletagservices.com pagead2.googlesyndication.com
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net goheels.com 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com cdn.transcend.io
26	images.sidearmdev.com	cdn.transcend.io
14	securepubads.g.doubleclick.net	cdn.transcend.io goheels.com www.googletagservices.com
10	d141rwalb2fvgk.cloudfront.net	10 redirects
10	www.google.com	goheels.com cdn.transcend.io www.gstatic.com www.google.com 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
8	ad.doubleclick.net	goheels.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com goheels.com
5	region1.analytics.google.com	cdn.transcend.io
5	67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com	cdn.transcend.io
5	www.googletagmanager.com	cdn.transcend.io
4	s0.2mdn.net	67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
4	protected-by.clarium.io	67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
4	aax.amazon-adsystem.com	cdn.transcend.io
4	www.gstatic.com	cdn.transcend.io www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	cdn.transcend.io	goheels.com cdn.transcend.io
3	www.google-analytics.com	cdn.transcend.io
3	www.google.de
3	stats.g.doubleclick.net	cdn.transcend.io
3	id5-sync.com	cdn.transcend.io
3	id.hadron.ad.gt	cdn.transcend.io
3	c.amazon-adsystem.com	cdn.transcend.io
2	t.goheels.com	1 redirects
2	prod.tahoe-analytics.publishers.advertising.a2z.com	cdn.transcend.io
2	bcp.crwdcntrl.net	cdn.transcend.io
2	cdn.id5-sync.com	cdn.transcend.io
2	tags.crwdcntrl.net	cdn.transcend.io
2	cdn.confiant-integrations.net	cdn.transcend.io
2	htlbid.com	goheels.com
1	img.en25.com	cdn.transcend.io
1	ams-depr-public.s3.amazonaws.com	cdn.transcend.io
1	ams-pageview-public.s3.amazonaws.com	goheels.com
1	a.ad.gt	cdn.transcend.io
1	geo.privacymanager.io	cdn.transcend.io
1	lb.eu-1-id5-sync.com	cdn.transcend.io
1	cdn.hadronid.net	cdn.transcend.io
1	secure.cdn.fastclick.net	cdn.transcend.io
1	ats.rlcdn.com	cdn.transcend.io
1	api.rlcdn.com	cdn.transcend.io
1	config.aps.amazon-adsystem.com	cdn.transcend.io
1	fonts.googleapis.com	goheels.com
300	45

This site contains links to these domains. Also see Links.

Domain
goheels.evenue.net
www.espn.com
stats.statbroadcast.com
www.statbroadcast.com
www.facebook.com
twitter.com
instagram.com
bit.ly
move.unc.edu
www.townofchapelhill.org
maps.unc.edu
revelxp.com
ramsclub.com
www.carolinafever.co
bands.web.unc.edu
gotarheels.wixsite.com
getaccn.com
affiliateresources.learfieldimgcollege.com
www.unc.edu
unc.peopleadmin.com
shop.goheels.com
seatgeek.com
www.nike.com
theacc.com
sidearmsports.com
www.sidearmsports.com
learfield.com

Subject Issuer	Validity	Valid
goheels.com Amazon RSA 2048 M02	`2023-11-10` - `2024-12-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
protected-by.clarium.io Amazon RSA 2048 M02	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
images.sidearmdev.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-17`	a year	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-20`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://goheels.com/
Frame ID: 0490B413F9AD9C7EB1040BD8D520956B
Requests: 193 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh&co=aHR0cHM6Ly9nb2hlZWxzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=lymt9mfsmsvo
Frame ID: 612C2C1CD766C2B704D17D8C2632BD10
Requests: 8 HTTP requests in this frame

Frame: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED02A40E1490A32646304071277A4C37
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZjWjaZcHbaTnUxx37P3rSDjmR0De-ytGjfFjCVx3jhVi7pIg1PL2DWXwdZPW8pKDT05VoaCDAL_SD3lwdT-OwQn5UKcg5UWmb-qm3cJTKIedbV06fOFbNAayRGfQNz7FEZuKDYKxCPgC1yV6_J5Xs1541bad3mUFgbw1WcmOZjF-Y080p1mzsTQ7dGDxk2lP-JWAWs73_ocWz5uAuQ9Opsxxc7e5NrAhy_nnjnTGHcyMEeYIBFCJR-sR1dhmcB1eRgEsnSSKfsmTts2h4GD0s7OQwuslYt6Ofm53lxNqdgT1hvB9biMNWlzJxNZCD_A_Wu20A&sai=AMfl-YTWe8qpsILXAJe2pTWlw1KFOHbRLu3kZZw_8nD2nXMJVlrElK9vUCJsB2m7liNrbFmCJ47vVcgO2t7c2UnZQiLO12C_5-HXl2Oi3MCDPAIfe19Q05H4Xu5k9AApQaHDeAZpJl55oJIFV7oARh7CAvw&sig=Cg0ArKJSzHU31Ao8OF1UEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B7699ECC362250C42C6FDE467DB3C23F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDA46lx3--4Hm_I63NpLUM5uGRdDu8LaFn8zvbkoKqX7bemVY2a7vnblGDC1b95R1_47SKm-mWfAxXLlS0aLyh3-y-8kHJGVkOvmkfSmJbPTKduZ7NB-ze7StRZ1OxvOQWu3qjZzOghZyDXX3yLyjNXc15t74bRJiNEXHOHPULIL3Gz9nw8XsB4nOFG7prdzvbrscaX2SOxGLowVGGBAm-lEZUH8yI2atcDg111IVUpFibo4UamO8z76TlJLCeDzaGDNN-7dy_xSaIDTFWxUnCxZVeM3QW3nQp0Pdnlu2EE-WEtchFlUMK-Fa-TLwOcUjDvBBp&sai=AMfl-YTlQi2ym7va33JJpng1Qr6b-FJ3RRrizBrAZafcnmD8XVNKAtFYyFQCDVnEGgf6PAVE86-RqGS2vwUWUaaYTjOLzD7ivtn6YfQzO3B0a71HebrINJa-Nf9vMISZI0snWIy7CA7f-I8Ci6mojCsFISU&sig=Cg0ArKJSzAU1zU-yesFWEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 43F5166EBF6E76EA12BB4394802D796C
Requests: 8 HTTP requests in this frame

Frame: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9135928B84238C3392A47C8D54169403
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5v53cATAB&v=APEucNXXCzTQa6zY-ZouviH2xjuJZW5M9PEH1KXxeBBv8j7GEjX7JqjBNPF41dPLDCYmy8b3fMN6nSA8pJfdHL9O5AJnoGiT3w
Frame ID: BD791A9C00382191FB94953BED08D64B
Requests: 1 HTTP requests in this frame

Frame: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F35C5DD66F17C89FBF0CC23B37F83F65
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARju3Z3cATAB&v=APEucNWvzaX-KRkhmKuMJeCT1Nk4HBfvLBwfz-YcSlrurCIW-3WPwxVV5IlvJF2OBTBVjPpyBG5DMsIdnSfvAicNCEI1sz3qrQ
Frame ID: 7AC0AEB58860ECFFADC67F92EF67F819
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F53D5F067BA3EAC9862166A7341EC2E8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5828741813A838C5470431E12012E1FE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37F5009527DBAF89BDC5AF19A302A5FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E76357E3DB99AD9F9996FB96833B91C2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZgP6UILW7gKBl6ZfjhXyuN-X1D6_v0ZffdSEVavagWlS53gj73q1agMGmB8hiQtneol_3r5aBzo2Z7mYDQqPY2q-sDF0rPSL-z3inGcFeW-Xq6dSEm0X9ZurVLRsqf8NQr4EzET1lUcJQWhVp-eRm8EXeP4IBbrswYmRwyj05SfzI4hWwkhHYRw1FxC5e3zz3khM-bIx_2oVkpxYASOwbVy3DbYwXpOdcTgO4m02We0bZvGHkq1K0TwY1wewAjGGxN18RIEEy70sczGNaCvbljkA-nrLfAPpsgpDZT3hkHo0EYFskNjHL29V_u1RPV1qiEYiN&sai=AMfl-YT2Yby35ZP5B2QXKc9YDs0rWJIkkTKlF3FGYFtyEqvbF7cmkPTpy2GMFmH0vIpHFXib8gbStPRZe1wnu2F7PsY9w78GSztqQvaB8pWi5COBciArGDxiaEIZWg6qbA&sig=Cg0ArKJSzDdV7hVjrXK_EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 42840CB4085F960CCDF82454B131E1CF
Requests: 7 HTTP requests in this frame

Frame: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCB73A5C82FF0867D9AE9A789643850E
Requests: 14 HTTP requests in this frame

Frame: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8F3A3C8F02A6DA739E0E9BBD8F25DC4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5v53cATAB&v=APEucNXG01ZM59tJ6to7cTGPfvbF6ZEceBee2R6A-X0RzqLG9-HCGF3fbhzaPxpQ0BQtO9h_eKOWaGcQuw6Odg0J2OuKamTNEw
Frame ID: 3489AFF8EC53A92B26F6A560B8B23424
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhj799P7ATAB&v=APEucNXw4PtZf4cVUlpiRAYW4euc-yHSbD2yI0bZofVuDdA-Ca4pdz4WjLOCnlm6Lue0AEw7hI4ZQK0YW1S_UHqht5jKr5MPSQ
Frame ID: 1BB812B34262F24EDA0A1B75B7E94B0F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FB10A7E0F2298E521BF899F6F7C320C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6EA2C8C4A7EE512B48BE05078F2BBA7A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

University of North Carolina Athletics - Official Athletics WebsiteUniversity of North Carolina Athletics - Official Athletics WebsiteLearfieldSidearm

Page URL History Show full URLs

http://goheels.com/ HTTP 308
https://goheels.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

300
Requests

94 %
HTTPS

48 %
IPv6

29
Domains

45
Subdomains

44
IPs

4
Countries

32139 kB
Transfer

39866 kB
Size

16
Cookies

106 Outgoing links

These are links going to different origins than the main page.

URL: https://goheels.evenue.net/cgi-bin/ncommerce3/SEGetEventList?groupCode=WB-IND&linkID=unc&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/eventCalendarId/401603987?gameId=401603987&sourceLang=en&om-navmethod=espn%3Aglobalsearch%3Aresults

Search URL Search Domain Scan URL

URL: http://stats.statbroadcast.com/broadcast/?id=493501

Search URL Search Domain Scan URL

URL: https://www.statbroadcast.com/events/schedule.php?gid=unc

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player?id=80e32086-670f-4af6-814e-4f5cd83cd939

Search URL Search Domain Scan URL

URL: https://www.espn.com/watch/player/_/id/e4bed769-ff0f-498a-9d7a-94e36891a2d3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TarHeels/

Search URL Search Domain Scan URL

URL: https://twitter.com/DiamondHeels

Search URL Search Domain Scan URL

URL: https://instagram.com/carolinabaseball

Search URL Search Domain Scan URL

URL: https://bit.ly/3lHIQpo

Search URL Search Domain Scan URL

URL: https://twitter.com/UNC_Basketball

Search URL Search Domain Scan URL

URL: https://instagram.com/UNC_Basketball

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCTrack_Field

Search URL Search Domain Scan URL

URL: https://instagram.com/tarheeltrack

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CarolinaFencing/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCFencing

Search URL Search Domain Scan URL

URL: https://instagram.com/uncFencing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TarHeelFootball

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCFootball

Search URL Search Domain Scan URL

URL: https://instagram.com/uncfootball

Search URL Search Domain Scan URL

URL: https://goheels.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=FB&linkID=unc&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCMensGolf/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCmensGolf

Search URL Search Domain Scan URL

URL: https://instagram.com/uncmensgolf

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCMensLacrosse/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCMensLacrosse

Search URL Search Domain Scan URL

URL: https://instagram.com/uncmenslacrosse

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCmenssoccer

Search URL Search Domain Scan URL

URL: https://instagram.com/uncmenssoccer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCswimdive/

Search URL Search Domain Scan URL

URL: https://twitter.com/uncswimdive

Search URL Search Domain Scan URL

URL: https://instagram.com/uncswimdive

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CarolinaTennis/

Search URL Search Domain Scan URL

URL: https://twitter.com/carolinatennis

Search URL Search Domain Scan URL

URL: https://instagram.com/https://www.instagram.com/tarheeltennis/?hl=en

Search URL Search Domain Scan URL

URL: https://instagram.com/https://www.instagram.com/unctrack_field/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCWrestling/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCWrestling

Search URL Search Domain Scan URL

URL: https://instagram.com/UNCWrestling

Search URL Search Domain Scan URL

URL: https://twitter.com/uncwbb

Search URL Search Domain Scan URL

URL: https://instagram.com/uncwbb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCFieldHockey/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCFieldHockey

Search URL Search Domain Scan URL

URL: https://instagram.com/uncfieldhockey

Search URL Search Domain Scan URL

URL: https://twitter.com/uncwomensgolf

Search URL Search Domain Scan URL

URL: https://instagram.com/uncwomensgolf

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCGymnastics/

Search URL Search Domain Scan URL

URL: https://twitter.com/uncgymnastics

Search URL Search Domain Scan URL

URL: https://instagram.com/uncgymnastics

Search URL Search Domain Scan URL

URL: https://goheels.evenue.net/cgi-bin/ncommerce3/SEGetEventList?groupCode=WG-FS&linkID=unc&shopperContext=&caller=&appCode=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uncwlax/

Search URL Search Domain Scan URL

URL: https://twitter.com/uncwlax

Search URL Search Domain Scan URL

URL: https://instagram.com/uncwlax

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCRowing/

Search URL Search Domain Scan URL

URL: https://twitter.com/uncrowing

Search URL Search Domain Scan URL

URL: https://instagram.com/uncrowing

Search URL Search Domain Scan URL

URL: https://twitter.com/uncwomenssoccer

Search URL Search Domain Scan URL

URL: https://instagram.com/uncwomenssoccer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCSoftball/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCSoftball

Search URL Search Domain Scan URL

URL: https://instagram.com/UNCSoftball

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCWTennis/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNC_wtennis

Search URL Search Domain Scan URL

URL: https://instagram.com/UNC_wtennis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNCVolleyball/

Search URL Search Domain Scan URL

URL: https://twitter.com/UNCVolleyball

Search URL Search Domain Scan URL

URL: https://instagram.com/UNCVolleyball

Search URL Search Domain Scan URL

URL: https://move.unc.edu/events/
Title: Parking

Search URL Search Domain Scan URL

URL: https://www.townofchapelhill.org/government/departments-services/transit/tar-heel-express
Title: Tar Heel Express

Search URL Search Domain Scan URL

URL: https://maps.unc.edu/
Title: Directions/Maps

Search URL Search Domain Scan URL

URL: https://revelxp.com/university-of-north-carolina
Title: Tailgate Packages

Search URL Search Domain Scan URL

URL: https://ramsclub.com/kidsclub/
Title: Kids Club

Search URL Search Domain Scan URL

URL: https://ramsclub.com/
Title: The Rams Club

Search URL Search Domain Scan URL

URL: https://www.carolinafever.co/
Title: Carolina Fever

Search URL Search Domain Scan URL

URL: https://bands.web.unc.edu/?SITE=UNC&DB_OEM_ID=3350
Title: Band

Search URL Search Domain Scan URL

URL: https://gotarheels.wixsite.com/uncspiritprogram
Title: Spirit Program

Search URL Search Domain Scan URL

URL: http://www.statbroadcast.com/events/statmonitr.php?gid=unc
Title: Live Stats

Search URL Search Domain Scan URL

URL: https://getaccn.com/
Title: ACC Network

Search URL Search Domain Scan URL

URL: https://www.espn.com/search/_/o/watch/q/north%20carolina%20tar%20heels
Title: Live Video: ACCN Extra & WatchESPN

Search URL Search Domain Scan URL

URL: https://affiliateresources.learfieldimgcollege.com/north-carolina-tar-heels/
Title: Tar Heel Sports Network

Search URL Search Domain Scan URL

URL: http://www.unc.edu/
Title: The University

Search URL Search Domain Scan URL

URL: https://unc.peopleadmin.com/postings/search?utf8=%E2%9C%93&query=&query_v0_posted_at_date=&1826%5B%5D=3&query_organizational_tier_3_id%5B%5D=any&query_organizational_tier_2_id%5B%5D=1365&commit=Search
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://ramsclub.com/membership/#annual-memberships
Title: Membership

Search URL Search Domain Scan URL

URL: https://ramsclub.com/opportunities-to-give/
Title: Special Projects

Search URL Search Domain Scan URL

URL: https://ramsclub.com/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://ramsclub.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/jordan-brand/t-12217217+br-791243+z-9925-4148543118?_s=bm-unc_top_nav_jordanbrand&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Jordan Brand

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/nike/t-89761695+br-4173+z-8875-791309139?_s=bm-unc_top_nav_nike&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Nike

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/c-14032?_s=bm-unc_top_nav_nil&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: NIL

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/jerseys/t-90435051+d-86661223+z-86-839180881?_s=bm-unc_top_nav_jerseys&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Jerseys

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/men/t-90877295+ga-67+z-87711-3826501590?_s=bm-unc_top_nav_mens&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Men

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/women/t-34216184+ga-24+z-958700-3930261060?_s=bm-unc_top_nav_womens&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Women

Search URL Search Domain Scan URL

URL: https://shop.goheels.com/north-carolina-tar-heels/kids/t-12210528+ga-47+z-972621-2557842949?_s=bm-unc_top_nav_youth&utm_source=unc&utm_medium=referral&utm_term=top_nav
Title: Youth

Search URL Search Domain Scan URL

URL: https://goheels.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=GS&linkID=unc&shopperContext=&caller=&appCode=
Title: Buy Tickets

Search URL Search Domain Scan URL

URL: https://goheels.evenue.net/signin?&continue=https%3A%2F%2Fgoheels.evenue.net%2Fwww%2Fev_unc%2Fss%2Fevenue%2F%23MyAccount%3FsiteId%3Dev_unc%26locale%3Den_US%26linkID%3Dunc
Title: My Account

Search URL Search Domain Scan URL

URL: https://seatgeek.com/promo/north-carolina-tar-heels?aid=16103&pid=integration&rid=21&utm_medium=partnership&utm_source=unc_sponsorship&utm_campaign=integration
Title: SeatGeek: Buy & Sell

Search URL Search Domain Scan URL

URL: https://www.nike.com/jordan
Title: Carolina X Jordan

Search URL Search Domain Scan URL

URL: https://www.unc.edu/
Title: The University

Search URL Search Domain Scan URL

URL: https://theacc.com/

Search URL Search Domain Scan URL

URL: https://www.nike.com/

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.sidearmsports.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://learfield.com/
Title: Learfield

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/
Title: Sidearm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goheels.com/ HTTP 308
https://goheels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://goheels.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png

Request Chain 9

https://goheels.com/images/2023/12/13/HoldingCourt_1400x1400.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png

Request Chain 15

https://goheels.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png

Request Chain 16

https://goheels.com/images/2023/12/13/HoldingCourt_1400x1400.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png

Request Chain 194

https://goheels.com/images/sng_2023/parallax_logo.svg HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/parallax_logo.svg

Request Chain 200

https://d141rwalb2fvgk.cloudfront.net/images/logos/Boston-College.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png

Request Chain 201

https://d141rwalb2fvgk.cloudfront.net/images/logos/Columbia.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Columbia.png

Request Chain 202

https://d141rwalb2fvgk.cloudfront.net/images/logos/Georgia.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Georgia.png

Request Chain 203

https://d141rwalb2fvgk.cloudfront.net/images/logos/Louisville.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png

Request Chain 204

https://d141rwalb2fvgk.cloudfront.net/images/logos/WakeForest100419.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/WakeForest100419.png

Request Chain 205

https://d141rwalb2fvgk.cloudfront.net/images/logos/Miami.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Miami.png

Request Chain 206

https://d141rwalb2fvgk.cloudfront.net/images/logos/Penn-State.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Penn-State.png

Request Chain 207

https://d141rwalb2fvgk.cloudfront.net/images/logos/Oregon.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Oregon.png

Request Chain 208

https://d141rwalb2fvgk.cloudfront.net/images/logos/Duke.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png

Request Chain 209

https://d141rwalb2fvgk.cloudfront.net/images/logos/Virginia-Tech.png HTTP 302
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Virginia-Tech.png

Request Chain 245

https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&firstPartyCookieDomain=t.goheels.com HTTP 302
https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&elq1pcGUID=7F01980172C242B5AB9BB8DB99656077

300 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goheels.com/
Redirect Chain

http://goheels.com/
https://goheels.com/

70 KB
16 KB

458ms
253ms

Document
text/html

18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

655d70a2e61a0b944bf95f7e15ff5574b5b2f62ca09a65efa25b398aabb4821f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 25 Jan 2024 05:48:42 GMT
strict-transport-security: max-age=15724800
vary: Accept-Encoding
x-cache-status: STALE
x-redis-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Thu, 25 Jan 2024 05:48:42 GMT
Location: https://goheels.com

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 37ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a45c4c421915de7c8f195e44addf1e3caa9de522c9b7fc2efe9d7ee582a3c376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 05:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 05:48:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 05:48:42 GMT

GET
H2 200 index.5122ccf8.mjs Show response
goheels.com/ 1 MB
361 KB 113ms
112ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/index.5122ccf8.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

f8517dc4ecdbfc27a5b5b1608220bba2b1b3716afdbd652f7cc449dedd535246

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:42 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"11d141-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 index-7be64fb4.css
goheels.com/assets/ 745 KB
120 KB 215ms
215ms Stylesheet
text/css 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/assets/index-7be64fb4.css

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

7be64fb4ca2a84a43c85eb4c8d414027b24259ca4fdc2abf1e03cac18e2ec589

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:42 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"ba467-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 148 KB
49 KB 32ms
7ms Script
application/javascript 2600:9000:2250:ca00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:ca00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

56323dab17575f653889b430af9022d72ba38a3994c02de96f0031ebf61f0a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:42 GMT
content-encoding: br
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: tPtUSz_AKnHt0W15aaO1CGAXvoEysCLqTjezCwMq9n6GGtz9TrONsQ==
x-xss-protection: 1; mode=block

GET
H2 200 htlbid.css
htlbid.com/v3/goheels.com/ 9 KB
1 KB 451ms
416ms Stylesheet
text/css 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/goheels.com/htlbid.css
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ca28568b27f36e9e2c60aa394d02a96d4388aa4297afce264c8184f0751c7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: br
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 18:51:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"947c128bebc86ff4dc19ecd19b03c8b8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: 9YPO9Fhf9lJR-v9ZkHjibbw_zIur8jBWXTJ8ewPkbDc1w4SXatainQ==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/goheels.com/ 505 KB
125 KB 14ms
13ms Script
application/javascript 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/goheels.com/htlbid.js
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37f74cff2d44658ef8c0c1d779627fcc0f60998cff2c4df9edb6e2965c67e936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 18:51:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 523
x-amz-server-side-encryption: AES256
etag: W/"dff1349dec9cc507cc1be405319fb7d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: OtGUjagfuhOotNCxqVcm0QVb4nlGijR1fC5aE8CNqDz-TckG-0Et5Q==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3850b192ebac3c91f692946ba196721fec831d7d6f66dd1d7bd83e7a3a22ba46

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 heading_argyle.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 11 KB
11 KB 41ms
7ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/heading_argyle.svg
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b1101eab6487d75d0ce1b1ec78628ed586edc7065a32adc0b0a51554600a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:48:10 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 79232
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "566f8e87bbf1f6f6859bfb60c3a8ce50"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11074
x-amz-cf-id: mnCzCaDIPomJ_QWqdY3dOYLGyOeNSKfYW_vdoD4s36uuBtn8tOAZdg==

GET
H2

200

CI_VisitOBX_1400x1400__2_.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/
Redirect Chain

https://goheels.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png

413 KB
414 KB

7ms
7ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7300c6887a83738ac31c0dfd6df292b2f14c552ef7379cdd8eaf3a01c1d2976d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:36:48 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Sat, 06 Jan 2024 13:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 12441
x-amz-server-side-encryption: AES256
etag: "2c72000d7b8f383f0c687dfe07e4d09c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 422847
x-amz-cf-id: mexQeMST3qqlXRrTx8VgFzkpr3TI0r5m5tMQnq322Hb3uIoQpbWRZw==

Redirect headers

date: Thu, 25 Jan 2024 05:48:42 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 243
x-xss-protection: 1; mode=block

GET
H2

200

HoldingCourt_1400x1400.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/
Redirect Chain

https://goheels.com/images/2023/12/13/HoldingCourt_1400x1400.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png

2 MB
2 MB

8ms
7ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0b464d91fcd1e4748cdd7c9aad2a3e13732c24357e82d15114593a3f4612e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:13:21 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 13 Dec 2023 16:50:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 77723
x-amz-server-side-encryption: AES256
etag: "4d45790dbfc13a60f164d6c1e2d7af0d"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1940612
x-amz-cf-id: HKkIJjRvY5oHE-lo41xglkTGHRoYgSUy2H8zs6x1n_wguURjuG3bug==

Redirect headers

date: Thu, 25 Jan 2024 05:48:42 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 242
x-xss-protection: 1; mode=block

GET
H2 200 ui.js Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 312 KB
86 KB 22ms
7ms Script
text/javascript 2600:9000:2250:ca00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:ca00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbfa8686291c557b01d6bb51a30370f3e213c68968498457c1c448e773c6a933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goheels.com/
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: IZy6BIZyNU6R9rszfQ8q1TX1xcqXF.Ak
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 04:13:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 5708
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 19:12:42 GMT
server: AmazonS3
etag: W/"ea1e1a27b8f884b7bfbe96400cc39566-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: kxppUOThBt7UCCWcAKk_nwfh0Ki1eLyN8tbwDpM0TtgVKH0vZXdgVw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
76 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82dc955429a3a9cc249280f8b3892ee3b01e0d5f5067c3fe4b9f3e1126531492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77048
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
53 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a155388591e9c5456b1724d2ece6592b3ca6ea3d5524bfa1f2c1f01edcfe7623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54028
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 145ms
144ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 heading_argyle.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 11 KB
11 KB 7ms
6ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/heading_argyle.svg
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b1101eab6487d75d0ce1b1ec78628ed586edc7065a32adc0b0a51554600a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:48:10 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 79233
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "566f8e87bbf1f6f6859bfb60c3a8ce50"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11074
x-amz-cf-id: 7urfecl9-uv7iFjRFKzFcPS_8rwW9Y2PebxB-U9qkc1tY6qlyVj8IA==

GET
H2

200

CI_VisitOBX_1400x1400__2_.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/
Redirect Chain

https://goheels.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png

413 KB
414 KB

8ms
8ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7300c6887a83738ac31c0dfd6df292b2f14c552ef7379cdd8eaf3a01c1d2976d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:36:48 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Sat, 06 Jan 2024 13:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 12442
x-amz-server-side-encryption: AES256
etag: "2c72000d7b8f383f0c687dfe07e4d09c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 422847
x-amz-cf-id: LG6QMXLBocf2bAPM75amYI5Pop6SrvGJW_urUGNIw-857yLDNugFmA==

Redirect headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2024/1/6/CI_VisitOBX_1400x1400__2_.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 243
x-xss-protection: 1; mode=block

GET
H2

200

HoldingCourt_1400x1400.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/
Redirect Chain

https://goheels.com/images/2023/12/13/HoldingCourt_1400x1400.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png

2 MB
2 MB

8ms
8ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0b464d91fcd1e4748cdd7c9aad2a3e13732c24357e82d15114593a3f4612e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:13:21 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 13 Dec 2023 16:50:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 77723
x-amz-server-side-encryption: AES256
etag: "4d45790dbfc13a60f164d6c1e2d7af0d"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1940612
x-amz-cf-id: iAY6oJQcxowDqyJZwRuHYHihLUDgCB-9tSZF9-74QMeonMq835ZLfg==

Redirect headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/12/13/HoldingCourt_1400x1400.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 242
x-xss-protection: 1; mode=block

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/ 13 KB
14 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:29:36 GMT
x-content-type-options: nosniff
age: 109147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13820
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:29:36 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:30:27 GMT
x-content-type-options: nosniff
age: 109096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:30:27 GMT

GET
H2 200 Sports Show response
goheels.com/api/v2/ 65 KB
6 KB 120ms
120ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/Sports
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 80cd1ce5e4cbd996022f7d4b29b93a0c15477468c63f8ffeb4a17e12a00f8c4c

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 cm.css
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/ 17 KB
4 KB 7ms
7ms Stylesheet
text/css 2600:9000:2250:ca00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:ca00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16070eb3c98c0e3c3df709cbb09bd0eb647919d6bbea8277c3cca3d0f3816f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: C6JY_MKi9Mz8E3kCbZI_IXjsQhRt6Gj9
content-encoding: gzip
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
date: Wed, 24 Jan 2024 08:22:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 77154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 19:12:42 GMT
server: AmazonS3
etag: W/"b8298542e7d97216a37c6f9aec07ea15-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: I8BmaYuPS1QLpTCULLvNwumuaV8yFxTKIeAtqdtYNVznDWSTzIRVgg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 18:50:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc55125206dde9aa6d9b60ba54d8cadd6187eb12840c12ecadd8243fe5be75cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29488
x-xss-protection: 0
server: cafe
etag: 808 / 19747 / m202401180101 / config-hash: 6260326267526195180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/2kt3krDemHkTVlwJHFGF_ERt-HI/gpt_and_prebid/ 117 KB
26 KB 167ms
128ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/2kt3krDemHkTVlwJHFGF_ERt-HI/gpt_and_prebid/config.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6345670ae2e15b60b94e5fe1e0000f40cec730434566acabaf5bb586c89cc8e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 25 Jan 2024 04:11:29 GMT
server: cloudflare
x-amz-request-id: NQ6M72JZXXJA0FVR
etag: W/"864043456eba0a46b0f6c2905851f832"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 84ae3a932e209956-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0TY0uEcfAnIrM4FgFbn1fIQDKdY7LCVoXEJt/CElFof9QK6elu8x1y+tGYJE67wz68QfqMQE6+8=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 30ms
6ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:00:01 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2922
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: hHkC5mGQysx19_RYk3jf6i728y5RERbPLD9TEy7pKJocADlKB8FyzQ==

GET
H2 200 en.json Show response
cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/ 11 KB
3 KB 7ms
7ms Fetch
application/json 2600:9000:2250:ca00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:ca00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4a162492eca0a9563167750e059e166fede6966f1a64a8e9d1ab9f9e3545711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: v5lIgZfeuxqW_fL2fdVvkCaTk70iXWz3
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date: Wed, 24 Jan 2024 11:03:37 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 67507
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 19:12:42 GMT
server: AmazonS3
etag: W/"6c8ad1cf05673571a904fddbd588d00e-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: LKC3Ts58H6yzAozuFi4Jq4h0sNVKFYEAGLCEJ4vFEv_LfUd4zSfSPw==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 612C 44 KB
28 KB 27ms
26ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh&co=aHR0cHM6Ly9nb2hlZWxzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=lymt9mfsmsvo

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c445f08766d9ad73e73e540b2f74cdeaf3837da1933db1433d33944c670678c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tAY1XB7_rB6tcmxYLpdb1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tAY1XB7_rB6tcmxYLpdb1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gameday.ashx Show response
goheels.com/services/ 51 B
401 B 167ms
167ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/gameday.ashx?type=active-gamedays&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

39e789f2cc73f811f3a0a9246ea9f45ef2db06993c56ca700c72ef747906ac65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: STALE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 51
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
6ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
date: Wed, 24 Jan 2024 06:58:29 GMT
x-amz-cf-pop: FRA56-P6
age: 82215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 1jQHV5xOi9Aw5liYhhfFHDM-oulW-iQzG_x5xTW1IfbznwRV92JBhA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 430 KB
135 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53046
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138095
x-xss-protection: 0
server: cafe
etag: 16105826302836755247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 15:04:37 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 612C 55 KB
24 KB 23ms
9ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh&co=aHR0cHM6Ly9nb2hlZWxzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=lymt9mfsmsvo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 04:25:49 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 612C 506 KB
203 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 18:50:58 GMT

GET
H2 200 49d1d053-156d-46ed-9d18-8370d1d949e8 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
831 B 43ms
6ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 21720e2f91c5c7bf7e33a21866c37cb57396fff99c0778c8fa4df542c63a9876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:06:05 GMT
via: 1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 2558
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: nbCfifBR2JutoJERj85BCfM7dPD8EH2x-PNNIg-KyF6fN38Y1VoxCQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 8ms
8ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgoheels.com&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 4f189adefe2d93c9e2a696025a78cb29e4dc4da578617387cc263233401be773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:49:30 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 3553
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3200
x-amz-cf-id: D0_ECpEPojHHs7prSDp6AWJDHiwr-rnn9lhL5OnnnIPAV0TLFcaUEw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 81ms
46ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgoheels.com%2F&pid=4oyPrPqWT2qPr&cb=0&ws=1600x1200&v=24.117.1925&t=1100&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21708449227%2FUNC%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:42 GMT
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://goheels.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SQv5MQKFyT9EqAbEyO6xshD0Wkd0w4gI2lEV5zs2lmuppNArqB3jjg==

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
341 B 52ms
20ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=550&_it=prebid
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75da130700a81088f31bf0322e5738ddace83fd6c37cf3738af9e1eb43812dc

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 84ae3a94089dbb5c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 136 B
413 B 22ms
7ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

1f597bb435c56e101a33d6b0589102c5216b67006df57bc86c42035aac1ff85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://goheels.com
date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
251 B 49ms
16ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13773
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://goheels.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 21ms
6ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:06:49 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6115
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: rwZ63suLAUwGYkfMQJxj5veGOlnV9YULMsXM18FUuCNgeNbrpAw05Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
29 KB 36ms
21ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: 98V47QQRQBB1H96A
age: 354
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84ae3a93fb299a17-FRA
x-amz-id-2: LLVA+vqa0Oh0heny89/8P0nfxp+zIdnneOaCpgIwTJSOykl2BIpgwhWBjtwGdEQ0xHXNPNef+1nKJEDhB6C52g==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
28 KB 60ms
60ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=2466785794076320&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=150x50%2C150x50%2C50x50%2C150x50&ifi=1&didk=356144529~303353385~302699615~302492128&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706161723525&lmt=1706161723&adxs=824%2C277%2C318%2C995&adys=82%2C166%2C284%2C166&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=150x0%7C150x0%7C50x0%7C150x0&msz=150x0%7C150x0%7C50x0%7C150x0&fws=4%2C4%2C0%2C0&ohw=150%2C50%2C0%2C0&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=false&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjssKf50zFIAFICCGQ.&dlt=1706161722775&idt=689&prev_scp=pos%3Dnews_sponsorlogo%26htl_refresh%3D1%7Cpos%3Dquicklinks_sponsorlogo%26htl_refresh%3D1%7Cpos%3Dpodcasts_sponsorlogo%26htl_refresh%3D1%7Cpos%3Dvideos_sponsorlogo%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno&adks=3834413431%2C1570619603%2C3539089915%2C1565439538&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa24a9c3d60e385befb8a15808b7064c8dfbea342abf4fc8d63a14f18d30c024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28807
x-xss-protection: 0
google-lineitem-id: 6474407750,-2,-2,6392571290
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460820790,-2,-2,138448866896
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED02 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Fri, 24 Jan 2025 05:48:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 52ms
52ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgoheels.com%2F&pid=4oyPrPqWT2qPr&cb=1&ws=1600x1200&v=24.117.1925&t=1100&slots=%5B%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21708449227%2FUNC%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://goheels.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TaZFuEwopdp3K7zIGyuYf-B_sa2H4LDz2r--9jOIJ_d4jEEFHjrhGQ==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
35 KB 38ms
6ms Script
text/javascript 18.245.31.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: br
via: 1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
date: Wed, 24 Jan 2024 07:48:51 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 79193
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ca3BnMvjTijhwJ_jJoEMfRAdkEKmwY6_tZaQbwR0wGJp4JdWdIU0lw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 499ms
161ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 25 Jan 2024 06:03:44 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 6ms
6ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:12:53 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 12950
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ToaoXoHAjNW6LA5LIovID4ky-zIAt56ppOcQ_wiWV7WDBhc6sbkF4Q==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 53ms
27ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgoheels.com%2F&ref=&_it=amazon&partner_id=550
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01C975WVAA3JDKHJ
age: 4930
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84ae3a944e411e14-FRA
x-amz-id-2: hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 17ms
17ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: 1CQC38MJPPQ523JP
age: 117
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84ae3a941b589a17-FRA
x-amz-id-2: UM0mLSZC4tczj5gdEFHl9kjDr9lHxw7USwG0+ozmdzVfR8AfpfQPbU6BtlcDqeYCdl+r53qReb40TpTX/Mw4nw==

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame 612C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh&co=aHR0cHM6Ly9nb2hlZWxzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=lymt9mfsmsvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 14:31:28 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 612C 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 208309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 612C 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 260213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 612C 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 160769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 612C 102 B
135 B 16ms
15ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8MZoUAAAAAM62lHHFbc2suq4sN7ubpuaDH8Kh&co=aHR0cHM6Ly9nb2hlZWxzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=lymt9mfsmsvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
271 B 30ms
7ms Fetch
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

6fa4095867a7f2f36b7ed5b7dbdf8fa26642bf56372f1420bb014e95e11d5949

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://goheels.com
date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
226 B 8ms
7ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://goheels.com
date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202401231116/ 301 KB
93 KB 24ms
23ms Script
application/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202401231116/wrap.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d8c79ebdea546edefa4fb60d5a18dd6214fd12652cfc82f82b2c437b4f0eaa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 16:17:53 GMT
server: cloudflare
x-amz-request-id: JW4S9K28RRF8YKCT
age: 42224
etag: W/"4e46991deac7ea453158c3b56a903369"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84ae3a944ec69956-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Vo4hdmPRNrx3nCb7BlRQoJTU4YrqRdX97UxrSPS5+HEpBS6YPyqeQ3VqL0ynumppS3Jbxhrke25NMMve0kromA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 95ms
32ms XHR
application/json 54.246.229.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.229.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-229-145.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 60d5a0a66007f36ff4bb86267d49e6865f664822367a73770b39551e5cd04803

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://goheels.com
cache-control: no-cache
x-server: 10.45.20.146
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
42 KB 483ms
483ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=1365836619144068&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90&ifi=5&didk=1622125026&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706161723644&lmt=1706161723&adxs=315&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=false&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjssKf50zFIAFICCGQ.&dlt=1706161722775&idt=689&prev_scp=pos%3Dtop%26viewability%3Dhigh%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno&adks=594400745&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c5e3bd5182f40a40b6f2b72b40473f3a871cfcdfd8eb2948a0350adc5cf8e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43367
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 signingday.ashx Show response
goheels.com/services/ 2 B
351 B 114ms
113ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/signingday.ashx?type=active-signingdays&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: STALE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 2
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
42 KB 349ms
349ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=2803214914768584&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&didk=359666826&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706161723691&lmt=1706161723&adxs=103&adys=225&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=false&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJsqf50zFIAFICCGo.&dlt=1706161722775&idt=689&prev_scp=pos%3Dmiddle1%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno&adks=2274927268&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25f5efa3c86cb727fb7fba576d382fca21c54adffc0189a81f25bba8ae6a5560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43004
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B769 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZjWjaZcHbaTnUxx37P3rSDjmR0De-ytGjfFjCVx3jhVi7pIg1PL2DWXwdZPW8pKDT05VoaCDAL_SD3lwdT-OwQn5UKcg5UWmb-qm3cJTKIedbV06fOFbNAayRGfQNz7FEZuKDYKxCPgC1yV6_J5Xs1541bad3mUFgbw1WcmOZjF-Y080p1mzsTQ7dGDxk2lP-JWAWs73_ocWz5uAuQ9Opsxxc7e5NrAhy_nnjnTGHcyMEeYIBFCJR-sR1dhmcB1eRgEsnSSKfsmTts2h4GD0s7OQwuslYt6Ofm53lxNqdgT1hvB9biMNWlzJxNZCD_A_Wu20A&sai=AMfl-YTWe8qpsILXAJe2pTWlw1KFOHbRLu3kZZw_8nD2nXMJVlrElK9vUCJsB2m7liNrbFmCJ47vVcgO2t7c2UnZQiLO12C_5-HXl2Oi3MCDPAIfe19Q05H4Xu5k9AApQaHDeAZpJl55oJIFV7oARh7CAvw&sig=Cg0ArKJSzHU31Ao8OF1UEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame B769 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:36:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B769 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B769 205 KB
65 KB 53ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 3420694172749768324
tpc.googlesyndication.com/simgad/ Frame B769 3 KB
4 KB 8ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3420694172749768324

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18684dbf1716096c79fb6ab18fed529bb4387c01eb6c4e445b648ed8386d650e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 21:25:21 GMT
date: Wed, 24 Jan 2024 21:25:21 GMT
x-content-type-options: nosniff
age: 30202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3479
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 20:44:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43F5 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDA46lx3--4Hm_I63NpLUM5uGRdDu8LaFn8zvbkoKqX7bemVY2a7vnblGDC1b95R1_47SKm-mWfAxXLlS0aLyh3-y-8kHJGVkOvmkfSmJbPTKduZ7NB-ze7StRZ1OxvOQWu3qjZzOghZyDXX3yLyjNXc15t74bRJiNEXHOHPULIL3Gz9nw8XsB4nOFG7prdzvbrscaX2SOxGLowVGGBAm-lEZUH8yI2atcDg111IVUpFibo4UamO8z76TlJLCeDzaGDNN-7dy_xSaIDTFWxUnCxZVeM3QW3nQp0Pdnlu2EE-WEtchFlUMK-Fa-TLwOcUjDvBBp&sai=AMfl-YTlQi2ym7va33JJpng1Qr6b-FJ3RRrizBrAZafcnmD8XVNKAtFYyFQCDVnEGgf6PAVE86-RqGS2vwUWUaaYTjOLzD7ivtn6YfQzO3B0a71HebrINJa-Nf9vMISZI0snWIy7CA7f-I8Ci6mojCsFISU&sig=Cg0ArKJSzAU1zU-yesFWEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 43F5 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:36:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 43F5 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43F5 205 KB
65 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 3662570694141717319
tpc.googlesyndication.com/simgad/ Frame 43F5 4 KB
5 KB 9ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3662570694141717319

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb05ab9444118abaa6b2b93767511d8275ef87a41c509860978dc19aece4b91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 15:54:33 GMT
date: Wed, 24 Jan 2024 15:54:33 GMT
x-content-type-options: nosniff
age: 50050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4569
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 14:41:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 31ms
31ms XHR
application/json 54.246.229.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.229.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-229-145.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 90ffa440ba4b53877c1531667d26b31f5d30481400f45cba900caea2a60dd243

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://goheels.com
cache-control: no-cache
x-server: 10.45.11.231
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
DATA 200
OK truncated
/ Frame B769 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97a80e42aec4074a8e8f6f1a224618e006b89d9b8b2ec8ced34d8e43fbb78dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 43F5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6838b8d3c9fcd51d0b3bc7d0154c382df782c7ac68d0cd7e642de17a8806bb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
609 B 38ms
6ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 02:04:45 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 13438
x-amzn-requestid: 422766ba-3f7c-4d47-aef7-a3b1819b484e
x-amzn-trace-id: Root=1-65b1c1bd-793988cb182c4d3e5a57096d;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: SEs1lEepjoEECbg=
content-length: 30
x-amz-cf-id: -xmfIllPxPnapZG_tOfGBGdeQGBb9UMMv14mi--u4y_j3jK4DQG1aw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 1083.json Show response
id5-sync.com/g/v2/ 251 B
528 B 21ms
7ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1083.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

64bb56a1318223b54a9665804bcafac13b9c3119a154097bac737edf06814cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://goheels.com
date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 96 B
283 B 100ms
100ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=goheels.com&url=https://goheels.com/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c8ef98e5eab49585e8bc3707663375d0f8453b598d6f8ab63d093ff0b8132

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 84ae3a961a1ebb5c-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 105ms
105ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=550&sync=0&domain=goheels.com&url=https://goheels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://goheels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84ae3a9569a3bb5c-FRA
content-length: 0
content-type: application/json
date: Thu, 25 Jan 2024 05:48:43 GMT
debug: OPTIONS block
expires: Fri, 24 Jan 2025 05:48:43 GMT
server: cloudflare

GET
H2 200 FeaturePage Show response
goheels.com/api/v2/ 2 B
276 B 109ms
109ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/FeaturePage?sportId=0
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:43 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43F5 0
0 55ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIwsyPs8P88QSyqQ1fLdb1waQEW-Fy5dPfUa8HLR1l-OsWpIoQqnBoYqJ5gU5-uhh9RAZ-8xwH0plTGRKxjs1hg6_heHA6pc7TBrbBaFLpIZN3kai9h480GZg4p3bistviJQJP9IYmCyWcfo1TY7JY6dw7PliySUD3syNfAbkvGCZ7VXQMZKWnGcJzOZHM4x8BwA0e3573TDWHSMLyYS_GXnQ5PTetP2U3vD8TS5tTeoRSz7COzmds-oOqbl2rNfe4PfruNln0GZeOeuB7eTGnc4s5Sa4h2VMVfF03qZNV1G-bTofyY4NVWMZ4Foh0JIVgu2llf5w&sai=AMfl-YTGnK_dEAel9wEOqsHfYfBo4wVBfyiqf03WSMMwiRTvUHbc4oorW5POnvp686TFW4AEVryKOZscoD6gvjLayf-1qGs6bk0TUaldjQIDtD-KEkg4ZJ8vjXUgJHO2qKVeLvqdcgonX6dNtYAmo-NtuQA&sig=Cg0ArKJSzEEjaHq_gsitEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B769 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP8di5N4EVZlr8FvDiOR_c6n3eXU1fb-h9zxb-PUTQaAWazrfDzr9ZqqEo_VvemOjpUZihRBNG4W_mYFYou-422ICocrWIEqTHU2cPN29e8LlkPodoF1-_A_cW9bJN1TkWmipug3_KBhlDwgnfaVmP5Y0CYY0eVJbKKMsAnyR6rxxJpV-euHy8dxTFZ9HCMNNsOia08R7hfAvUKoQaPF_0s8bCpiArfvxWamFfxuRE-VUyhsNzJ1CeQMh0cWriHgEI800MLZn9EWq_EISFks_sk2-7QiCKhecG8MPxK9TDX23a8Uu0RP-FvHqCZaRHJuu11dP-PjM&sai=AMfl-YRljlZTWHHXII3A-rgbOg_Ws14QTnSSCw8zgDNKFFflu3CcF6G1c2dZlAinIXcGPLy5nUX5kthARpF5UCj1_s4op_g3zmqW2yol3kF0EQm2UucOLSKnvOblRXRXG8-4BeeR8Vtx2SLep7WfZ_HN1M4&sig=Cg0ArKJSzPYtF_mwUA6wEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:43 GMT

GET
H2 200 Home.83ed251c.mjs Show response
goheels.com/ 30 KB
7 KB 113ms
113ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/Home.83ed251c.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

808cf2f35a92b5b2b00865a88a0baf26e093a9150227109ebc16f693dbb94621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"76c3-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 PromoRotator.26330e8f.mjs Show response
goheels.com/ 5 KB
2 KB 109ms
109ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/PromoRotator.26330e8f.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

abf5d3424408d60f2a3ac56719d7fd820ab4d0292ce8f311ab9e29b69c158334

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"12b9-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 SlideshowComponent.es.cfcd3a26.mjs Show response
goheels.com/ 951 B
749 B 116ms
116ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SlideshowComponent.es.cfcd3a26.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

2adc62720097d13e065c3164cf9789be6bd4a8fd82e86cd95a4c2e1a82fe6beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"3b7-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 PromotionsComponent.es.d0fbca08.mjs Show response
goheels.com/ 7 KB
3 KB 114ms
114ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/PromotionsComponent.es.d0fbca08.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

ace4ed400d26a0697f7412924a7472123e326e66eb08b1b340a92931d63629d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"1cf8-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 PromoRotator-e39ced54.css
goheels.com/assets/ 10 KB
2 KB 107ms
107ms Stylesheet
text/css 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/assets/PromoRotator-e39ced54.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e39ced543e4d68d8501e978ff8fd46dc03dced3944e5ec24194b3f08a52ccb3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"29c8-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 PodcastsComponent.es.9d439200.mjs Show response
goheels.com/ 920 B
735 B 110ms
110ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/PodcastsComponent.es.9d439200.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

b24d09378d1a41112a05ecbb4d5a6e065db1614d54bed17633dea72c2c73950c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"398-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 AllAccessComponent.es.08aa91ec.mjs Show response
goheels.com/ 3 KB
1 KB 1387ms
1387ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/AllAccessComponent.es.08aa91ec.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

13da52d79bfea60a55c894edb352805dac9a129013ee658392965220f567cac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"c0a-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 StoriesComponent.es.c319635a.mjs Show response
goheels.com/ 1 KB
784 B 111ms
110ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/StoriesComponent.es.c319635a.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

ce8c9ccdc473d7b04bbbb69f3ddf561c234278ca3984d0de4ac1596cad0c0203

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"43a-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 Home-ad2d1e47.css
goheels.com/assets/ 18 KB
4 KB 138ms
138ms Stylesheet
text/css 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/assets/Home-ad2d1e47.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

ad2d1e4762e5f376ef80755fe49d1673b9ca82e4a78b2081bf30cbee814acdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:43 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"4983-18d1370e008"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 550 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 402ms
361ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/550?_it=amazon
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26334c349db9af44eec7d43ca59f7fabc098b8b1a750041db959a366ee1d9950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 25 Jan 2024 05:38:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 84ae3a96ff5171ac-FRA

GET
H2 200 container.html Show response
67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9135 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Fri, 24 Jan 2025 05:48:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD79 0
342 B 69ms
43ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5v53cATAB&v=APEucNXXCzTQa6zY-ZouviH2xjuJZW5M9PEH1KXxeBBv8j7GEjX7JqjBNPF41dPLDCYmy8b3fMN6nSA8pJfdHL9O5AJnoGiT3w

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 9135 23 KB
9 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 9135 8 KB
4 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9135 0
0 85ms
48ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuosVJ6a7_nJQql9yJVyyNkEutkHEVL5qNTJ9XKi71tkJCK4_qHxmrAejGPQL7I6UZ_xNU1BYKJZkkrc0FFmUjs3rEAosvrKKQXC9SbeXjjLD6IkYXHLBr5GITS5QELNhxlFs7jk5AdUCH4U_N1zWmfk-Y6Nc8VxS26DJPr2TJvytPunQYgYTv1VYo5U_g_FkstNLJW13npyyTkdst-kl69ZBCJlyea0W-iWMgKyOd0vDtTwMtdQuT7hPdqRBSo4P4NjYCsShA3MljGCHSl7n755JHdCDgvdRw0mF5ojght0ilWRYCas3lNdLfr-5JIf1oFR1rP3KWDQF7ZKvZwcnHBXlBWF3wOZSd1gAtnxRGisHmx7SBuGzcJ6xWaZzeLxgIKVeEmuykTaAl7JQcKdyGeHLYL_D9X0ElJuljXuOlD4D3CSE_pgrXDnQWDHb0oTrn_NJxt1YSOSvGbHn9tPPdqRDv7ow8qT5_lb6enpP14bH_WKXVHoDW5bjz-JWuk2GtqFNBw74FmGSgpVvmmQTZbFCWs_qr8T5ZAeX4y0Mtm2Xc2g54M_o78RPqdoT0YJ15k9JTvwYBbwv5-mnC7JFigQlRX8tOQpwsZprQip4U7ZRzrGnCSY1OGuVx951ZDLL19U174K5Ij2GcJDIEKadEk2ttYCt85HgZssUuVTSzgz9BqQaeNWFfyrBWk4_yqeSyfbkd-9SmTNMJgNZ0YGe0Z8HWaJRFJ48Xrg3EKJY57ATXGkgWyuRuvBrlp_dkdpJ5nf47KHoq9Lalydl9B5DTjHLnXWQVuHSMp3uQXkCamyDcFD-ycZ4dwsoRRgDd4QlJolc79SkhqrtVfwd3q1fRPyhdUjc0FEXFNo6XxJiqn1HNGIrPCkqjt39IUc0Hg5rBntl5d1HgTv6CruVPkZ9TkCsX2V3dXGTli2e01HxshkL8am1V7tmgCeojeMLTTNdo92rPGpspfgIzbt46YmOyJcMdrpBWCVz8jfI5ZF_rWsDsmO3TIKzL8TaQOcxvGgZt5IBtlhRvm4VaD3IFHimoU8NsK1AKHmB19K5oNQiMXGioIxQ3sogNqA1Tizg8dmh9KX_frvq16HaO8XR4Pg9HOYVeRLjxeYNeHW4SUjKXVhtzSEpnYb5stW9baScpD-0xvE8vmZ_cz58N1T86O_h_HYY96gW4akqkeW5S0RDDofKmnLhaffaO49alICVKNeQEhkZyyP0LI8oPlTL33GtYmSsKNfLOzta9CX7NTvAUH9muRxN1eP0w5iGRBXO5fdHCfF-1q7hXbCqNcuI2-I8-XR_kVvQ-U5yWF-Cp9BaRSvkAhAWVLIwzyWx4kqZRWaIjxk0-4J_N3mpql2kdqGlsveDAkBnOpK-JWMe2P-UFAJYjD2i8cyisyBXk6WASwwNAyEJvpCDk5HIaacYU0fyen-Q4q9FHru9YlSg&sai=AMfl-YRKoywpZtqYKR_H2Qqe5gsML-F9PTgX4Wsd-5bI74i47RDNyCZoO47dHynMz42hsEmatIWA3lkkj7QBYNGhOtWVRCh-gidDCcbzCfsxGxvvS24V0Z6uYklA7OuWwAV3qFKzNoYgASIRpdSJBbOLuo1wXoi5LggqjRqJBL9d700e39uwTnbOjeBuQlbUCrlKTqxeq4zGSUWrNUseh_yqpiSJxedrwJL-qSrkG7ouvLfLcPtmVSxcGk-JvoM9cbHL4hEEd2kvCvmSf6iLd6aOZD3dovzJ_iDJtuDd3Dg3mLL8thKGYd5Q1NFdKZd8jio13107oXjCQJcLFG8T_RpAZAk67t_FxoonLn0tGdZvM6XsBkhd2eKkAITYw-MqRq0_gC_8t0D8BxRpbh2rZQyOSjpbY3MWqkpF58YqIW4ynuk&sig=Cg0ArKJSzGhX3F8nCzyaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.99794&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9135 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9135 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9135 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:41:57 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9135 42 B
174 B 56ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8owtO3fzbfTLPB6_5rpI8BCwScVKLsMwhwAaPzZXNWRcgJ333azi2oeE9fWkWByMypt46V2cV4g34tab8b5KqSLW2qklgkvr4hUUQpNgouUbsXEg

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9135 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2qxk-goTDsKeWK2PbABrTKoJ-QcwRxRuiki2h16PWY4pVoy9UgHkOdDrFbsdgimixDk_-
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9135 205 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:44 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 9135 68 B
245 B 95ms
30ms Image
image/png 63.32.16.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_Mmt0M2tyRGVtSGtUVmx3SkhGR0ZfRVJ0LUhJLzI2OTkxODY4Mjg6MzAweDI1MA==&v=5&s=v31hkvijmo2&id=eyJkZnAiOnsiYWQiOjQ1NzMxNTI4NzEsImMiOm51bGwsImwiOjAsIm8iOjI2OTkxODY4MjgsIkEiOiIvMjE3MDg0NDkyMjcvVU5DIiwieSI6MjIxMjQ2LCJjbyI6MCwicyI6Imh0bGFkLTQtZ3B0In19&cb=7668086&h=goheels.com&d=eyJ3aCI6Ik1tdDBNMnR5UkdWdFNHdFVWbXgzU2toR1IwWmZSVkowTFVoSkx6STJPVGt4T0RZNE1qZzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjk5MTg2ODI4LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.16.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-16-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 16372568333802491740
s0.2mdn.net/simgad/ Frame 9135 68 KB
68 KB 42ms
7ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16372568333802491740

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac605bdaa0279febb4e4a9df2ba16289b31409b9d39c221735e17412cefd3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 19:18:08 GMT
date: Tue, 23 Jan 2024 19:18:08 GMT
x-content-type-options: nosniff
age: 124236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69364
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 13:52:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 container.html Show response
67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F35C 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Fri, 24 Jan 2025 05:48:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7AC0 0
54 B 44ms
44ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARju3Z3cATAB&v=APEucNWvzaX-KRkhmKuMJeCT1Nk4HBfvLBwfz-YcSlrurCIW-3WPwxVV5IlvJF2OBTBVjPpyBG5DMsIdnSfvAicNCEI1sz3qrQ

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F35C 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame F35C 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F35C 0
0 49ms
48ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuucLzpCRh7A2gBq9I0rk4pse5dkHVhsdL4LivAWju1hCqz-GuG1CFHHUWhOtDQtIK2ZfLCkf6HyAhfhlETFBanW94PjygajyqLTGop7x6LqKsfwsc-Gbjw9vCD7gDRe7B3jm1nfDcKI5KMW1ce0JO0Jp9rlb1j_b2LtBkh9bQnWAVurLWPDmZ1GdRfJsPU3kGWEfxGcU6G2u2foSMsZ4cQrlCFkR5O3eDlukSsOLwWGWw5W4wsNOt47TSexifClkquEP4niGcoVwEUxindepuv_SMDFRRGGeDxxjks0rUovnXAsICCYxQtz7TuNll_UtzNd4wQS7za_ke4Rc8GlN73E0f0y1Awn9fS55EDqkRnVnezJSZ_H7BmildnkwloYlBDrH6CHrUTwdI1jfKxMnzmKrXGUytxiuQy6vFFhwYezByenOQjiBMKWdV7kKKzVTzTi5f5jSCKyPN4bULm9mj6n6oKNg7xwLhspiy8-1q7WpCL5jo0lUG4dAYWGFZOCNUtkD1cWt4YO1MEhDLVLo8f-2aKuf8MoTShZtmXPCNe5YQH79NteR9JXtEe7jrb44x_B5NRwrpMqh_jP8nha0IuE1P0MkXHpZ1evbwi8Qgq6UnsPyif8fHx1yJBpF2P3A5rp2B-pgfUOKXbXBqU-osGioc_ebBGp7Arp869GsXSewkoCjTJ09EybRZmJrhNfU9nOZSmpWpc8mOqhFVqXIFZ4eR01FHJHLYVWd2zZaW_XgKHthmw86XHblIwudnzjkFQM3kom9wQt5H7jr-47z0wCvSr8BzytHw2MdyX0DgmUlKDYDszZ_g89kC9YzvDhE1fSkWGjJH_ssLXKFOizD_Ld8tTgQfPDpBQw4gIHSXMbw0NlhpTN6DW6YGqnjB4mK1LAxYLtAKdiQha4pMOwQRGQ_vGnEFsfv8MLDrtPXztU_ev4B8BeOJUPVvZPJhT6clFmRnUBOdWfrJSN_MSLAaTcfCtZJg7wDAZ13_DnY9PlLldmT_xr9z4uSc1BSE4NRSrDYQqjvnIA8QCnwt6oXYKy4zNvNBIaZgcY26iGu04hZRgN0vujULdPZdc7c4t1dsvkSsjvjcrfLz9QLwWbn4enKzxwbjeNo_Qk-wkB8-gCUrHOe1DbOEzFjJc0lAuCNi8s-SPHiwjJhUbDqfFjTyxn8xUN1B_eyEElTfj_azWt_5g_HkibR-J5PEaGDRGDJmN6_uuDM-vYixU-9vmWUnYNpHg67OlZ9dIL4cmYqbhq_60FVTgG8BIcNbXgUb2llTyemEfDougkN-6Rg33HYEEV-D3r9R_ukjPZl3znpcKCYs37VM6iIaYQg8yxvelerJtKlZScSayzP4k6f9pM07B9epPSpKPTeH4n8Wdj_Dh0c4PtgI0BYc_HCUAuMmXQHOl5dSGGdij6pjdAB8h20wldDZ-H2wp6nKh8Wi3ihP3zmnrzmMi5m-t&sai=AMfl-YT__nfEdvpe2bu-uf5rTKsNj5pwK5kIbBdbdZFSPYAUsT28Bif5KM26vX1McJIdd4OXE41mdslA9hT_lJYAI6DVADquJErCCC4YKGQLZnB-S8JbZcBavGOWMTVCQ29BxKIkQFuUKaAPFKK0_VW9LWaC2iMTdcgSgNyPyNzExjbaqxTY4YOitN4hOISK6SUb4GazJLexGG6F5gf2PB4ZkYe4LS2RmgCta4GzcyJo0zNjSDDVRrOP_S0tQQ1Dps4kPY50Mb5VcQm6YxGHrjuGVm_IvlD7NBLCYVcTKfAXMnIXQRWx-VjEjWZFoL5jcfVD8Q9-ZVyMjIVeuKp66O2L-ph4WR2zpgrD_IuyN_iuxdQQWAlcd5vUDl2203yXJxS5hvm4AJc2XetrIJjlDocPc31b4h-tr-97v8jTlks&sig=Cg0ArKJSzOqcxy3QtgL0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.82508&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:44 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F35C 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F35C 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F35C 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:41:57 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F35C 42 B
108 B 39ms
39ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ass_JF5zOh_mtlV8_kzOvOU3GIE5A22ONZuxIJXN_7e42mS74efucvJ9CVA5ZJj3HF2xGIbiTOap3Pnvpt7m85zIJWL_bE15NgIowHtxkNkvQuO4Q

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F35C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqx-nNNh_UDKWk1uNYgEdvsjY_X9JTsjYGdevRvmo2IkgnyjFLOFL9n23aodPCpaltQT6F
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F35C 205 KB
62 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:35:38 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame F35C 68 B
244 B 29ms
29ms Image
image/png 63.32.16.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_Mmt0M2tyRGVtSGtUVmx3SkhGR0ZfRVJ0LUhJLzI2OTkxODY4Mjg6NzI4eDkw&v=5&s=v31hkvijmsm&id=eyJkZnAiOnsiYWQiOjQ1NzMxNTI4NzEsImMiOm51bGwsImwiOjAsIm8iOjI2OTkxODY4MjgsIkEiOiIvMjE3MDg0NDkyMjcvVU5DIiwieSI6MjIxMjQ2LCJjbyI6MCwicyI6Imh0bGFkLTEtZ3B0In19&cb=3217455&h=goheels.com&d=eyJ3aCI6Ik1tdDBNMnR5UkdWdFNHdFVWbXgzU2toR1IwWmZSVkowTFVoSkx6STJPVGt4T0RZNE1qZzZOekk0ZURrdyIsIndkIjp7Im8iOjI2OTkxODY4MjgsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.16.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-16-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 708190053744100429
s0.2mdn.net/simgad/ Frame F35C 43 KB
43 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/708190053744100429

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f5aeb5b3fcdc65cd0be6b7c92c90c3463099d05f9560e059a3d0681fa363529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 00:01:30 GMT
date: Wed, 24 Jan 2024 00:01:30 GMT
x-content-type-options: nosniff
age: 107234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43707
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:15:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9135 0
0 43ms
41ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuosVJ6a7_nJQql9yJVyyNkEutkHEVL5qNTJ9XKi71tkJCK4_qHxmrAejGPQL7I6UZ_xNU1BYKJZkkrc0FFmUjs3rEAosvrKKQXC9SbeXjjLD6IkYXHLBr5GITS5QELNhxlFs7jk5AdUCH4U_N1zWmfk-Y6Nc8VxS26DJPr2TJvytPunQYgYTv1VYo5U_g_FkstNLJW13npyyTkdst-kl69ZBCJlyea0W-iWMgKyOd0vDtTwMtdQuT7hPdqRBSo4P4NjYCsShA3MljGCHSl7n755JHdCDgvdRw0mF5ojght0ilWRYCas3lNdLfr-5JIf1oFR1rP3KWDQF7ZKvZwcnHBXlBWF3wOZSd1gAtnxRGisHmx7SBuGzcJ6xWaZzeLxgIKVeEmuykTaAl7JQcKdyGeHLYL_D9X0ElJuljXuOlD4D3CSE_pgrXDnQWDHb0oTrn_NJxt1YSOSvGbHn9tPPdqRDv7ow8qT5_lb6enpP14bH_WKXVHoDW5bjz-JWuk2GtqFNBw74FmGSgpVvmmQTZbFCWs_qr8T5ZAeX4y0Mtm2Xc2g54M_o78RPqdoT0YJ15k9JTvwYBbwv5-mnC7JFigQlRX8tOQpwsZprQip4U7ZRzrGnCSY1OGuVx951ZDLL19U174K5Ij2GcJDIEKadEk2ttYCt85HgZssUuVTSzgz9BqQaeNWFfyrBWk4_yqeSyfbkd-9SmTNMJgNZ0YGe0Z8HWaJRFJ48Xrg3EKJY57ATXGkgWyuRuvBrlp_dkdpJ5nf47KHoq9Lalydl9B5DTjHLnXWQVuHSMp3uQXkCamyDcFD-ycZ4dwsoRRgDd4QlJolc79SkhqrtVfwd3q1fRPyhdUjc0FEXFNo6XxJiqn1HNGIrPCkqjt39IUc0Hg5rBntl5d1HgTv6CruVPkZ9TkCsX2V3dXGTli2e01HxshkL8am1V7tmgCeojeMLTTNdo92rPGpspfgIzbt46YmOyJcMdrpBWCVz8jfI5ZF_rWsDsmO3TIKzL8TaQOcxvGgZt5IBtlhRvm4VaD3IFHimoU8NsK1AKHmB19K5oNQiMXGioIxQ3sogNqA1Tizg8dmh9KX_frvq16HaO8XR4Pg9HOYVeRLjxeYNeHW4SUjKXVhtzSEpnYb5stW9baScpD-0xvE8vmZ_cz58N1T86O_h_HYY96gW4akqkeW5S0RDDofKmnLhaffaO49alICVKNeQEhkZyyP0LI8oPlTL33GtYmSsKNfLOzta9CX7NTvAUH9muRxN1eP0w5iGRBXO5fdHCfF-1q7hXbCqNcuI2-I8-XR_kVvQ-U5yWF-Cp9BaRSvkAhAWVLIwzyWx4kqZRWaIjxk0-4J_N3mpql2kdqGlsveDAkBnOpK-JWMe2P-UFAJYjD2i8cyisyBXk6WASwwNAyEJvpCDk5HIaacYU0fyen-Q4q9FHru9YlSg&sai=AMfl-YRKoywpZtqYKR_H2Qqe5gsML-F9PTgX4Wsd-5bI74i47RDNyCZoO47dHynMz42hsEmatIWA3lkkj7QBYNGhOtWVRCh-gidDCcbzCfsxGxvvS24V0Z6uYklA7OuWwAV3qFKzNoYgASIRpdSJBbOLuo1wXoi5LggqjRqJBL9d700e39uwTnbOjeBuQlbUCrlKTqxeq4zGSUWrNUseh_yqpiSJxedrwJL-qSrkG7ouvLfLcPtmVSxcGk-JvoM9cbHL4hEEd2kvCvmSf6iLd6aOZD3dovzJ_iDJtuDd3Dg3mLL8thKGYd5Q1NFdKZd8jio13107oXjCQJcLFG8T_RpAZAk67t_FxoonLn0tGdZvM6XsBkhd2eKkAITYw-MqRq0_gC_8t0D8BxRpbh2rZQyOSjpbY3MWqkpF58YqIW4ynuk&sig=Cg0ArKJSzGhX3F8nCzyaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=154&vt=11&dtpt=153&dett=2&cstd=0&cisv=r20240122.99794&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9135 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e741985501bcd867706c40668d44b5100be12880a23dc6275888aa92d335211

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F53D 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 115172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:49:12 GMT
expires: Wed, 22 Jan 2025 21:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 322ms
115ms Image
image/png 52.217.125.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=83ab45ad23db
Requested by: Host: goheels.com
URL: https://goheels.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.125.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 05:48:45 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: GVWY1BF24N5ZJT2X
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: cIiUtUcO3I7vOfGjISa/2T8w+PelXkLTbpRS5Y/FslfjaRUTlKzkWqyKpVC5Cnu+/ZP08ibsCVs=

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame F35C 0
0 42ms
42ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuucLzpCRh7A2gBq9I0rk4pse5dkHVhsdL4LivAWju1hCqz-GuG1CFHHUWhOtDQtIK2ZfLCkf6HyAhfhlETFBanW94PjygajyqLTGop7x6LqKsfwsc-Gbjw9vCD7gDRe7B3jm1nfDcKI5KMW1ce0JO0Jp9rlb1j_b2LtBkh9bQnWAVurLWPDmZ1GdRfJsPU3kGWEfxGcU6G2u2foSMsZ4cQrlCFkR5O3eDlukSsOLwWGWw5W4wsNOt47TSexifClkquEP4niGcoVwEUxindepuv_SMDFRRGGeDxxjks0rUovnXAsICCYxQtz7TuNll_UtzNd4wQS7za_ke4Rc8GlN73E0f0y1Awn9fS55EDqkRnVnezJSZ_H7BmildnkwloYlBDrH6CHrUTwdI1jfKxMnzmKrXGUytxiuQy6vFFhwYezByenOQjiBMKWdV7kKKzVTzTi5f5jSCKyPN4bULm9mj6n6oKNg7xwLhspiy8-1q7WpCL5jo0lUG4dAYWGFZOCNUtkD1cWt4YO1MEhDLVLo8f-2aKuf8MoTShZtmXPCNe5YQH79NteR9JXtEe7jrb44x_B5NRwrpMqh_jP8nha0IuE1P0MkXHpZ1evbwi8Qgq6UnsPyif8fHx1yJBpF2P3A5rp2B-pgfUOKXbXBqU-osGioc_ebBGp7Arp869GsXSewkoCjTJ09EybRZmJrhNfU9nOZSmpWpc8mOqhFVqXIFZ4eR01FHJHLYVWd2zZaW_XgKHthmw86XHblIwudnzjkFQM3kom9wQt5H7jr-47z0wCvSr8BzytHw2MdyX0DgmUlKDYDszZ_g89kC9YzvDhE1fSkWGjJH_ssLXKFOizD_Ld8tTgQfPDpBQw4gIHSXMbw0NlhpTN6DW6YGqnjB4mK1LAxYLtAKdiQha4pMOwQRGQ_vGnEFsfv8MLDrtPXztU_ev4B8BeOJUPVvZPJhT6clFmRnUBOdWfrJSN_MSLAaTcfCtZJg7wDAZ13_DnY9PlLldmT_xr9z4uSc1BSE4NRSrDYQqjvnIA8QCnwt6oXYKy4zNvNBIaZgcY26iGu04hZRgN0vujULdPZdc7c4t1dsvkSsjvjcrfLz9QLwWbn4enKzxwbjeNo_Qk-wkB8-gCUrHOe1DbOEzFjJc0lAuCNi8s-SPHiwjJhUbDqfFjTyxn8xUN1B_eyEElTfj_azWt_5g_HkibR-J5PEaGDRGDJmN6_uuDM-vYixU-9vmWUnYNpHg67OlZ9dIL4cmYqbhq_60FVTgG8BIcNbXgUb2llTyemEfDougkN-6Rg33HYEEV-D3r9R_ukjPZl3znpcKCYs37VM6iIaYQg8yxvelerJtKlZScSayzP4k6f9pM07B9epPSpKPTeH4n8Wdj_Dh0c4PtgI0BYc_HCUAuMmXQHOl5dSGGdij6pjdAB8h20wldDZ-H2wp6nKh8Wi3ihP3zmnrzmMi5m-t&sai=AMfl-YT__nfEdvpe2bu-uf5rTKsNj5pwK5kIbBdbdZFSPYAUsT28Bif5KM26vX1McJIdd4OXE41mdslA9hT_lJYAI6DVADquJErCCC4YKGQLZnB-S8JbZcBavGOWMTVCQ29BxKIkQFuUKaAPFKK0_VW9LWaC2iMTdcgSgNyPyNzExjbaqxTY4YOitN4hOISK6SUb4GazJLexGG6F5gf2PB4ZkYe4LS2RmgCta4GzcyJo0zNjSDDVRrOP_S0tQQ1Dps4kPY50Mb5VcQm6YxGHrjuGVm_IvlD7NBLCYVcTKfAXMnIXQRWx-VjEjWZFoL5jcfVD8Q9-ZVyMjIVeuKp66O2L-ph4WR2zpgrD_IuyN_iuxdQQWAlcd5vUDl2203yXJxS5hvm4AJc2XetrIJjlDocPc31b4h-tr-97v8jTlks&sig=Cg0ArKJSzOqcxy3QtgL0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=42&vt=11&dtpt=41&dett=2&cstd=0&cisv=r20240122.82508&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5828 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 115172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:49:12 GMT
expires: Wed, 22 Jan 2025 21:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F35C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9604588db7fd07d44bb9512b7aaa95a4ccfc0126ae0d789387adc23b6ee4020f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame F53D 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:08 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5828 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:12 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F53D 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrSjRO_axZZ7BLPmV7_UP5d-C4AwAAAAAOAHgBAI&bg=!VFelVxjNAAa8BdJLnAU7ADQBe5WfOK_6WtSzMTDt0g6Jfm4kkd3054zazQFnUrrXAAE55dXmxTP2_qpon0xyAL2rnBfLAgAAAEBSAAAAAmgBBwoAJTHgawme1T9y_CKWcFUdDX4lfDJYv3f02re76q3IYnRzf2_8epGZAvgIgqoz6N480eSQ2rOzw-K66HtxpMaY0jM9eubLoeFEMpZ_ImOnH-r1PN1Dokxq40mz0XHZvySbOTeIGbDY_EAzeClkCK5HZnyFVf62zIMVeuojvEdbITmLJe3frqs2GZlaNdyuaBuxXvIv3dUUcu10fHm1JXtGbvwdV2UdHf0D6EZz0N8EDCV0h8Uv1GzhnzvOdVGbcGd32JmBkt3l3bnAcAQV0BmrGdrlu6WZAmsNJ2sS6rMwW3WiAp3W2uaobVVGcKN2vXqQvA28AF_iqDXw8NF4rpdn8tJGshPSuz1LP-Sb6B6aF8nQOdhADOPFd3bNhjOqz_AoUK_OH_zhtLClq9HBcnuO100UlQctLsUrD5mxC4w495_KskH4SFTBKK3K_xCvox-lFgzpxZ1J7j8KpFe3jo9x0BPWQ8o8ib8sNAH4kwY_P4G8WXWcCrtDGEhSV880zUlTxmKQDg4SRdqKBYeeSU10gvNqWt1vS5hHPeuUa7G_Hz-AmjhMxwT0f6XUvZHW3vWp0z5Vfj6n4XTaxR-41AGpmI2DbRiaXj2FnlSLMUXdVYtWWc4lH4majCLskblt_3q-FRQLiKZ4v4CnxlZNwvnkNuSs9j_5bdCcdM1gAQxQArVLAEuk4Ze03tvIJIvxqXB0Bjml-Eo7t1pgTsGMZtJTOAHBIXefrMcwlSuCmiOfirwliNjgufUN0apc-oLAiHbOLuYBvM26NABw0qEZyvRaHrmoh8WmTimsGLSHEi4DsHXYjmX4UdqbHyC4NXK4CPAehriw1YXvOjLSjKJTWK9zPxAIAtNn1jkjFZd9HvFfZ154mS7TT0n2WyE6Xs-oO2ur4Jrw5Wgmqmz_iyMVJFp64COmueoO4XgX4BLt5apzPdAxTv7muBv1b0KDAp1byk26bQKdnuBqarEeh_vuDqMlki5NSm1HTKJucSgwxhdEfltLHX0nRsZGbyZ1NAuqIZjXSt2HgLZ7xiDehrYuzrF_o4RAi2pLjGMifgZAws-Y7WZt

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5828 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNudXO_axZa6eKc2N7_UP7PGO0A8AAAAAOAHgBAI&bg=!R0SlRAvNAAZVxkGXdcY7ADQBe5WfODRfl7utEJCSGjrm-AgDQoFlYe88JtBEElWorqlRcAHKAEM0Lz_q2LHHoma5UKWMAgAAAD9SAAAAAmgBB5kDBEgrHOko3nx5ArWzM1bhdVPz5az5dBh_uUKzl71EtnQ2uVwhogUTOXyfr6tAGO3wDTGt03PL1tZKMqY8hA_Dtzreq7Mv0aCRKAMTIE6WPZjVwVbhTUIbHuA93Fa24Pne62khXOO8RUAtX17tUi88jeugIFUOGgkFPQ8TTwroCy9cU6gG9bU_UsuGh109JpyLAEIVnulyTLXwfoCoSvvNVFbdJhmVAuOb9z0XDeIH2z0d0t6WhApShMbvTviXByVFfnuzFzV2mYXd2RA7z38fQeG-zaTQukAjJwlx5rh-dN5XKNRjoApY5UAUSNr2syQhA4Z08-j8-e9hJWKMj84MzCGizjdwAl5cYj_URFxPBgrEDPtAjjmEUZ09fbXpq7ix2pdTW61K7puUGfSswcgMNvKqnICHkBZ-sjm_VaKDphKc-tmb3_Ov1WnZ7Z-TuLOVQ9Zc_dOku0H597y0CdVuRLlMpPzc9YWhR-Ds93OL6eBRfS7VxMIMtraIEe2ov2NmpvTGmcpOdGece2aBmqmcmu5Neq80G6TTziIiMO2_Pyitc2BZ2MADSRkC8aeH6nv00EQ_qIfMjlp9PS3od_cicPvpdpdExhdFGRpxV1gAm3J_su-iA4sLToV6TTfZcFfa_8GleT_IUZIhroHWQttNMdqORaozV_NUw9vgtx_MQclp9nD3_iXjrYEYMgyeI1vnC-rZBovTMiK5vW7yLY8zMD16VX8hgB_w7UWMqJBWS1hnZYCl9Liwx6XC8FP4jYaYmXKy4n8fAYM-DfWfUtR-M2nL9ZzxFDU-9u4_o5L3Phw_FCnEXW-mu2vz5dEcMEpbFYamspTLL2mbPjtvbTWcvAC6bVsAgddratprnovlvWqeR_TvT4J9O2waqd8UW4mgplj-fEG48V-T4e7v46aNinBpCQyuUncaghxcMaPlUdkh4z-JvIUi2mNlYhfY78DXhFzlHvovV9_QYdo2CX4KImhH_22z1o4saTwAwtN5ddCUtFdZTtZUImS4PTTGRX3d8mFgpOE

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
50ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401180101&st=env

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376fd69516b79397b81bb32aec73d750807098515ba035eaaa1614500e245122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12201
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f7aca346efd8183a690b3af905aadbe8a8d8fe064a7b949cd3f5b3c1360b4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 05:48:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je41m0v882570456z8833217870&_p=1706161723231&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1970315308.1706161724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706161724&sct=1&seg=0&dl=https%3A%2F%2Fgoheels.com%2F&dt=University%20of%20North%20Carolina%20Athletics&en=page_view&_fv=1&_ss=1&tfd=2692
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 60ms
20ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y29PC3P5S9&cid=1970315308.1706161724&gtm=45je41m0v882570456z8833217870&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 38ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y29PC3P5S9&cid=1970315308.1706161724&gtm=45je41m0v882570456z8833217870&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=1014767725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 05:48:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 16ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je41m0v882570456&_p=1706161723231&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1970315308.1706161724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1706161724&sct=1&seg=0&dl=https%3A%2F%2Fgoheels.com%2F&dt=University%20of%20North%20Carolina%20Athletics&_s=2&tfd=2710
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37F5 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 18:37:48 GMT
expires: Thu, 23 Jan 2025 18:37:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E763 829 B
561 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fac269511c17b0f4631c3a1ee5bf5febf572f4316c2918e05beca7b1c225d31c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fUia9N8Dx6_k4zpKg0vwFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fUia9N8Dx6_k4zpKg0vwFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:44 GMT
expires: Thu, 25 Jan 2024 05:48:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B769 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh4NXs4ulMGQGrk86Az_3gW3WLWEHO7M7D1vqKapJKp8btt8xXgqnDsQz9nsHoDXDyNg9qiiewYpfIzEp962GB461wfTL8wbFik71P69SXquJ9EdbZhFZkAqrPfyA6SZMzF_fWf9aOV5NbJpsLMyIOqg&sig=Cg0ArKJSzOl6GcbIcXkrEAE&id=lidar2&mcvt=1001&p=56,823,106,973&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240124&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=3&adk=3834413431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170616172300&rst=1706161723705&rpt=135&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43F5 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2cXjqv1KZeql2XoHJG7J5v6k4GQ_S-yLr7ov8wUeRn9054mWiXaPHXRPWaOXxZ89x-BtkI-mpmWo7Q3c1QhMq26JlkBmBOt3YvVLQ4U27zMSD_mUzQwZ0f2h5cMAE7DwH1aChm-UJPJFIbHPZMi6y3w&sig=Cg0ArKJSzIM3xT5iJwmUEAE&id=lidar2&mcvt=1003&p=140,994,190,1144&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240124&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1565439538&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170616172300&rst=1706161723712&rpt=106&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 37F5 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E763 0
0 37ms
36ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401180101&jk=2944138713192369&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37F5 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qsoKRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 SidearmSkipPauseLinks.es.c81d5a68.mjs Show response
goheels.com/ 781 B
744 B 107ms
107ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SidearmSkipPauseLinks.es.c81d5a68.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

754c004f98154ac7f3358598233ed72931fe6a7529192e5c5ef7b415a8a44a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"30d-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 CommonTopAdComponent.es.0ca45865.mjs Show response
goheels.com/ 2 KB
2 KB 109ms
109ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/CommonTopAdComponent.es.0ca45865.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

78cb9c9d88a526a6e5952f06a7718c53359a0f8bc1bdc1de2940d4662a344c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"9b4-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 AppLayoutComponent.es.f1fd85b8.mjs Show response
goheels.com/ 4 KB
2 KB 115ms
115ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/AppLayoutComponent.es.f1fd85b8.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

95ba8504cf87f0dc87f082300057b35c96c1c10054221c7955f9feed24f40f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"106e-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 AlertComponent.es.c4b33805.mjs Show response
goheels.com/ 2 KB
1 KB 110ms
109ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/AlertComponent.es.c4b33805.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

a5881b896852164959f995bc8d783ef7221b3dbe285df406161354f2e7a214e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"87f-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 MainFooter.e830bcb8.mjs Show response
goheels.com/ 3 KB
1 KB 120ms
120ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/MainFooter.e830bcb8.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

53b0b0b467481bcb3cb843f707c990e158aaf4c07f0b88018b109133cfb6ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"c98-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 MainFooter-c57e962e.css
goheels.com/assets/ 4 KB
1 KB 110ms
110ms Stylesheet
text/css 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/assets/MainFooter-c57e962e.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

c57e962e6657bb1137ac70519ab3e4f36eb96b9888f876fd8f96707e0c1ee3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"116c-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 ScoreboardComponent.es.f32518a2.mjs Show response
goheels.com/ 1 KB
932 B 155ms
155ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/ScoreboardComponent.es.f32518a2.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

10b13a63930ea4f9c9577c2a5ff193c37a1b01211ea64066fe66d69aa3ed88fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"554-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 115ms
115ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 SAdvert.es.66350c41.mjs Show response
goheels.com/ 2 KB
1 KB 110ms
109ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SAdvert.es.66350c41.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

2305918a800c40736cb993c3a6141f091fcdb2bfceb1235286986cd2d199e002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"884-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 303 KB
16 KB 155ms
155ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=main-navigation&count=10&start=0&extra=%7B%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

7c974496bada53ca3d4cf94b10be9c8e5ebc81df8d2f885eda1bdf77db838899

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 main_nav_logo.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 7 KB
8 KB 6ms
6ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/main_nav_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccbcbee8ec8b08de3054feb1b45d202ea5d17f5cd5cf9844f78c842c73f8e733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:16:57 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:56:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 84709
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "0b4421e1174ef567c58b414c1a1d47ae"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 7659
x-amz-cf-id: tmoFPOT557-1qPO8flUQh8CAzgqZ_jZg1ktoup3gBSsSp2conrlH6Q==

POST
H2 200 search Show response
goheels.com/api/v2/TrackingTag/ 2 KB
859 B 363ms
363ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/TrackingTag/search
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 769825b307079c4f2a7b2702418d6f970fcdeb476229601428b8567264fec23d

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9135 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnfuMH-XUIRHLtCvmM_FzjbphqEzrLlWpF69wat0JppZWUuXOriNNKBVwAp99qlBQROu6mE-SZi9xYnG0qGgsAOvCuxfWQMKWtRsMAGRfe66BjeYngLDZVRpdSXx153qiCHlX5jZ3nDFpal7xgJo948Le9&sai=AMfl-YQ5qYKZYp5JFS0W9URX6il6DQYBvoIQ7-EgJ5NbdsZKwCW1F42rA3D8NZu0GDZtcDxSwmRKugGv5lbTWuszjIfYGw9qJaQPRyC3PtLO4fnnHy9TFZVvUfSlU-HC&sig=Cg0ArKJSzHwowKQo-62nEAE&cid=CAQSPAAvHhf_oSvzRxmzya3M6THlqNUrFYCZMMd0nT_vvOtHuvjNFjJpoYr6WrbwPNE8eUHaKyAwfV_zvE393hgB&id=lidar2&mcvt=1000&p=291,103,541,403&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2274927268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170616172400&rst=1706161724076&rpt=270&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F35C 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKTs2ANANJi2kZy-Gw0vsdpZZP6j6Vbzmd809gYC5z2AFgrUOrfnviGK_EF_xzW-EbyqAOpB7C13Ye9cArHsrJHkW2H1UxpR2zzRBMMzLtnRh-gnpADw7j2kgrIEeugjuJoIroS5QcHWD2IraLwuAXZYkM&sai=AMfl-YQD97cMrfBjGc-PrQ_zWonoKvnulPX5YMUvtibdmP2oI8CMj03KqmliHyqWKKU5DaCyf_KVj58YWEfPiNKLiPIyAmiH0cdcNKIlGKTU-_ubQDYOovnFe6J72wk&sig=Cg0ArKJSzO5Qq7Q-XdKWEAE&cid=CAQSOwAvHhf_rGhAzPt3n0ReZS7D72r2E2N143-Z-vle6o3j1t3wwpazmHug0WDWD0Pc9Z5A849GkEbR04jYGAE&id=lidar2&mcvt=1000&p=8,436,98,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=594400745&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706161724210&rpt=204&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401180101&jk=2944138713192369&bg=!JiWlJWrNAAa8BdJLnAU7ADQBe5WfONQDJLIKlot-8Ospw3IcJoGj7v4oeiu14zzvwSP9q_EReHLqaBS2uryyyrv8727LAgAAACtSAAAAAmgBB5kCujaYFyo5Gi9uywlQS0iUsD78X744tlQp3QnhUnO7FDI4q9Fmee0s5y4rT3h7rljX9ShcwqbutzsLuHRpHC4HogZt5F7LvyF696EpyfACe0NR_8tHic8YF-_IZHxASxYhl4A26YRq4DYLMmGtC9VnqEM6RnTJ8j_CTg_e3EoKKY-WXpNdEgXBkyjyI3urucfGf5vrtm9FpGT1629qQ3_r3bxizwd5HujBJ7R9cbzW2kqxvPpZ4i60Gf9olVi5RlPJdFbqxzAe_0DfHWLVor6THfJ5TXUdq0xjcfzXA3TCbbQtM85ySCS18DYFx4YOHx_T3K6ZBh_5kQXeOJhEtMx07EDo287I6TVJ1McqJBehkFwDP7gzvatDtGX55_lsLhv4-va0GBwc8aKmrKjCS1Qm-dAgxFAmNGNGh1MawaypGpaocWq-SXqmCFuIBNGNfvtmtiBjXpcxkXxq2O4_lHuM7peFFjLxxFTS2vXpvz_6SESVFPrmtlIV6XRsW1hjqelPD0s2EepYaNoYRRQM9RppOq5jE48c7x1Yzo-y9utv6OhuYQT3oRqOoEW4TfOne93kYADdXYyDkh_OIdu33lWqqEWmeXjMrvNEGzAkA5T8O6z9KYvmfRZi9FquB1ldPILOQFsjevWdDpiuWlaghCrZpLLLMqHkinV9_JuVnH8XwZWVoAkq-g5MPZY3EVNLrsUghCgegI2mwJ87fkmFTrtcXN6c8cebK8vVjDExXMfIGNtXp22u5VwCmJZ-Il8uxJpflKtZ7J2_xxrBN1o0yFpJEe6uoiigBlxmPbapsjdeqKPECfRJAUKR37DmYiTjUzr3E3zsySJMEYDLapBxcGex4GxwxEGfvhohfyqbul3Oq3vxJlgaS9GONIMleHwmzlPsukX5BPxx7ZqrH8TnM4cdoICWiWUt-LyDTSP7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 SidearmContainerComponent.es.32427e0d.mjs Show response
goheels.com/ 543 B
571 B 110ms
110ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SidearmContainerComponent.es.32427e0d.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

ece25bdb66e5d2846cf2a445514299d182ba4fe16db253160f33133d932b9739

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"21f-18d1370e008"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 SSplashScreen.es.1e25f469.mjs Show response
goheels.com/ 4 KB
2 KB 136ms
136ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SSplashScreen.es.1e25f469.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

dede50166779e3449c746479645df8fda29b6a3ce126d071265db4d8c0c083a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"11f4-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 _plugin-vue_export-helper.es.f875bd67.mjs Show response
goheels.com/ 91 B
323 B 104ms
104ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/_plugin-vue_export-helper.es.f875bd67.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

a327f39e40209aee900ef0744926566b04efefa5c01632857a178aa0366130bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"5b-18d1370e008"
x-cache-status: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
accept-ranges: bytes
content-length: 91

GET
H2 200 active Show response
goheels.com/api/v2/Alert/ 2 B
274 B 170ms
170ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/Alert/active
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 SAdBlockModal.es.1f86f3d5.mjs Show response
goheels.com/ 2 KB
1 KB 112ms
111ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SAdBlockModal.es.1f86f3d5.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

ae2600337c11762e90e9ca5c1aba65f28d628112a987e7fd4cc6a7553e63dbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"844-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 SBaseModal.es.d1410f99.mjs Show response
goheels.com/ 3 KB
2 KB 106ms
106ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SBaseModal.es.d1410f99.mjs

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

5f0589fba9575ad30b009e42b87a962b4e9f8ae9bfa9d88b38ed6d945e3f95b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"ce0-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 campaigns Show response
goheels.com/api/v2/Slideshows/2/ 4 KB
1 KB 119ms
118ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/Slideshows/2/campaigns?sportId=0&id=2&$pageSize=10
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 87b9249d882d73c9e62dd99cac341519a35cbb1b4395547427f0a1bbb2444797

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 main_nav_logo.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 7 KB
8 KB 6ms
6ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/main_nav_logo.svg
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccbcbee8ec8b08de3054feb1b45d202ea5d17f5cd5cf9844f78c842c73f8e733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:16:57 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:56:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 84709
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "0b4421e1174ef567c58b414c1a1d47ae"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 7659
x-amz-cf-id: kOLID0_Me-8p1dAPKufttTVATx_qmhlsb1IrlLoh6CB8U2OEVCe6ZA==

GET
H2 200 SCommonFooter.es.501ad46b.mjs Show response
goheels.com/ 24 KB
10 KB 112ms
112ms Script
application/javascript 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/SCommonFooter.es.501ad46b.mjs

Requested by

Host: goheels.com
URL: https://goheels.com/index.5122ccf8.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

16f5140188dc1cb49e950960d3adebe5ca1fd605a6862a94abf751ed8d8a8229

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://goheels.com/index.5122ccf8.mjs
Origin: https://goheels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:03:01 GMT
etag: W/"5ffa-18d1370e008"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536

GET
H2 200 heading_argyle.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 11 KB
11 KB 7ms
7ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/heading_argyle.svg
Requested by: Host: goheels.com
URL: https://goheels.com/assets/MainFooter-c57e962e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b1101eab6487d75d0ce1b1ec78628ed586edc7065a32adc0b0a51554600a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:48:10 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 79235
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "566f8e87bbf1f6f6859bfb60c3a8ce50"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11074
x-amz-cf-id: tuPTitm0mn-2B6gn5t9BzEQysFYp4BBVu1dcea4ozHUvjkOSCrdL7A==

GET
H2 200 footer_edu.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 23 KB
23 KB 9ms
7ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/footer_edu.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb9f1be84145af4e22503705cf3821b426a0b4cb833c3a41c8dadb2e681592f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:48:11 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 79235
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "47ee6786396b8f453fb9f19ce0fa8a5f"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 23588
x-amz-cf-id: zRPN6PJvhN5APgnGXg2HPgReMj7AE_UErp7gFQl0BnOSqKNmsyh_mw==

GET
H2 200 footer_rams_club.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 7 KB
7 KB 8ms
6ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/footer_rams_club.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 378f2591d4076b199d8c173dd354f9775cc7ed986086db7056bcd6b5d742ca1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:16:57 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 84708
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "f7b1112fb4e92546e77ff2b033c3fd16"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 6770
x-amz-cf-id: gWNr5Lf0fUqvu-EATnx3nyUUAhkE6JQhtnBl3fjAONr9Bs69SuT-vQ==

GET
H2 200 footer_acc.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 1 KB
2 KB 12ms
10ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/footer_acc.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb55f4393be5eedcac5b8c55378cb2f2ec821b8811e73c49156e1a99e4733294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:16:57 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 84708
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "e5e942afb79453b355dc743966e1f6d5"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 1453
x-amz-cf-id: RzQ5s5wctdQ_O06aPtM_2CClSb0wybj7TVgZrKNH-ObPO96l72yIrw==

GET
H2 200 footer_nike.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 699 B
1 KB 11ms
9ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/footer_nike.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7798cd5dcf1c85123ff84a7aef53cf84db9e00c54500a567a5131921eda1eb26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:16:57 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 84708
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "dfd9b8490c1a600a9bbc63e1f2a5357a"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 699
x-amz-cf-id: dwhax9ybNd19FH7NOqBXyggpCv0rqN0t5nkyV5AjAtNxUlrJMQtZAA==

GET
H2 200 footer_jumpman.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 8 KB
8 KB 9ms
8ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/footer_jumpman.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c29a000d030e080bc66b95a3311c17e8ef23382bf8427daf9f7cfdadfd923a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:48:56 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:55:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 82790
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
etag: "b38a45ba406498c9d984fcffbecd34af"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 8147
x-amz-cf-id: vov1dLTOrp5yPMwd2B1prhB4nbABa8J8bYwAJhfDDKHG4qFFn8DF5A==

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 29 KB
5 KB 171ms
171ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=scoreboard&count=10&start=0&sport_id=0&extra=%7B%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

f23accbab6f9de0a2e01025f05fc3f1343518da8e83d2b844d6430dace54b2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 113ms
113ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9135 0
0

GET
H2 200 sidearm-icons-social.svg
goheels.com/ 22 KB
10 KB 127ms
127ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons-social.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

bbb8b9f5fc594127d8fe002c55a30fec474a401c7547fcb64b24052e5deb6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"58d4-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 427 B
601 B 144ms
144ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=ads&name=top-promo---sng-e0e04a&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

53516d40a458c72846fc1c1cd2bb73bac2977bdb5b46b78cffcce3585fa10005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 2 KB
981 B 3298ms
3298ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=ads&name=social-media-icons---sng-074140&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e194515c6e97847497ad64f11aaf0df0faefe004814a4d9a740d849023cc68ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:48 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 2 KB
1 KB 211ms
211ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=ads&name=quick-links---sng-3bb73d&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

536caf4721626844221cf8800eed2ab1e907a3334b83aeb5bcaa2a00ffda1a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 5 KB
1 KB 358ms
358ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=ads&name=promo-rotator---sng-7a49d7&sport_id=0

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

38ad3ab1ba4d2e118786a6d94e43fdda6e21dd906c3732d9bce6d48b1f509057

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 4 KB
2 KB 820ms
820ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=podcasts&count=3&start=0&sport_id=0&extra=%7B%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

1aee1561b2b5cad353c79df63ae0504b3923c6a999228eebb8e888e37478b691

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 adaptive_components.ashx Show response
goheels.com/services/ 5 KB
2 KB 312ms
312ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/adaptive_components.ashx?type=all-access&count=4&start=0&sport_id=0&extra=%7B%7D

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

fdbe6370e0acd557ed6dfc1e8c435859be32d380776ec35081b7e923060954b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-xss-protection: 1; mode=block

GET
H2 200 crop
images.sidearmdev.com/ 70 KB
71 KB 83ms
42ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fs3.us-east-2.amazonaws.com%2Fsidearm.nextgen.sites%2Func.sidearmsports.com%2Fimages%2F2024%2F1%2F23%2Func-a39ee7f6-81fe-42b1-9dd1-5e06ea2dc8e1.jpg&width=1078&height=608&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

a6f3442fdbc8dab3bcb37167ceaf7d311b2b4b2aaafc163518812005efe67d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:24:11 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 116674
x-cache: Hit from cloudfront
content-length: 72154
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: _DTzMu7Asqwg4Arvqulvy-PTx4-gkpLCPecWuJDKMZN6ZN6DEj1piA==

GET
H2 200 crop
images.sidearmdev.com/ 30 KB
30 KB 83ms
42ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2Fngwsd_event_recap_cover_16x9_93wpn.jpg&width=1078&height=608&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

795c798eb2867fd8f930bf0000d1cdb42b3b6f7478145dc0bf4423f9ce05cffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:20:31 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 131294
x-cache: Hit from cloudfront
content-length: 30574
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 99
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: _2V6PGJMbRTcCFuFULnnj0FEvQc_sCNK2ERGyO0tvnKKK7fWxe9sHA==

GET
H2 200 crop
images.sidearmdev.com/ 52 KB
52 KB 60ms
19ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2Fci_cover-oly_update_xTsCK.jpg&width=1078&height=608&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

0e9285565c848a5860309fa95c7ebd839b1bba972bd2ad341e097cb28708cd75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:24:49 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 134636
x-cache: Hit from cloudfront
content-length: 53242
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: _ipGB1UOqqWU-fMBEotC1Hvbn06zcdiTpeXXuuvPjHoB8DrZ1jtrqg==

GET
H2 200 stories Show response
goheels.com/api/v2/ 18 KB
4 KB 751ms
751ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/stories?$pageIndex=0&$pageSize=09&sportId=0
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 6cd9fd2c2b5dff8c51c5dd9f4060a60f5904997c322f790578186bada5627df0

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 parallax_argyle.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 11 KB
11 KB 8ms
8ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/parallax_argyle.svg
Requested by: Host: goheels.com
URL: https://goheels.com/assets/index-7be64fb4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 783d728b3b12b0e567a3fe176f6611ed0f0fa784e0012e5d649b8e8a19598cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:04:32 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:56:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 85453
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "2bae6a3f0e200899f27d81f25139a9a5"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 11007
x-amz-cf-id: gtKlXtr6D25I8j6bFu39CvakqiwAquFdNexuWaSdcEVoFWrdyfRv9w==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 59ms
59ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=4472582804345733&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1&prev_iu_szs=150x50&ifi=7&didk=1619800996&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5d03bff7ffc8bc3c%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_Mau4b7S1Al9ARWPWDtGJmrEHs5Pcw&gpic=UID%3D00000d49680283d7%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_MY0TXSFsPHfy0vjS9N9GP9E1YJC-w&abxe=1&dt=1706161725623&lmt=1706161725&adxs=1370&adys=156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=150x0&msz=150x0&fws=512&ohw=0&psts=AOrYGsk83Irr5fcXEhsEwNdB98g3aQkH-sjYx41jyHTaHftAKXuMd2VprTTBnh-ar5aOOqOJ-T_Es0OwZJLu7BXYgosIdaBK%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskU5W5aOS7YRKHJTC_N8MvjBWXMsSOvevW_AaXyAmZBS_IproO32iICD2oojmAt9Ex5pJbNbPhMR0ZoaTjrGw&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJsqf50zFIAFICCGo.&dlt=1706161722775&idt=689&prev_scp=pos%3Dnavigation_sponsorlogo%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno%26is_home%3Dyes%26category%3Dhome%26post_id%3D%26sport_name%3D%26sport_name_custom%3D%26page_template%3Dhome%26load%3Dpage%26adtest%3D%26site%3Dgoheels.com%26sect%3Dfrontpage&adks=1574668483&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc5ab56e479db69f2ba8ab0dc41ff684f908ae31b2c42f627e6832d9d261371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17462
x-xss-protection: 0
google-lineitem-id: 6460981108
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460779262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 124ms
124ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 NewGoHeelscom-Recruiting-1920wX1080w_trophies.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/ 3 MB
3 MB 16ms
15ms Image
image/png 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/NewGoHeelscom-Recruiting-1920wX1080w_trophies.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad9be77bea2700a647294d68087ad74bab427dd723526a0345985b150c8f8b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 19:10:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 270
x-amz-server-side-encryption: AES256
etag: "35608c1517e6bf3e01f2f9243f01b888"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3360415
x-amz-cf-id: Je--rL-mAckhcGUixcaEBUE8kxGpqF2z-qRKm8StBEl3ngZbRknLCQ==

GET
H2 200 slideshow_bg_desktop.jpg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/8/22/ 1 MB
1 MB 13ms
12ms Image
image/jpeg 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/8/22/slideshow_bg_desktop.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26c5fbc447e412dc954495805fc5cae468610cf581a33cfae3b8a7f1f6dbd9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:04:32 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 17:46:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 85454
x-amz-server-side-encryption: AES256
etag: "df7868e45a7be4722c7b71315ec09158"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 1377753
x-amz-cf-id: UTe6yl4Wsl5e4DvXhm77vfGVtmE7eQnlx7553BQyBMMVsPAwA8pTIQ==

GET
H2 200 NewGoHeelscom-Recruiting-1920wX1080w_unc-old_well1.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/ 4 MB
4 MB 9ms
8ms Image
image/png 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/NewGoHeelscom-Recruiting-1920wX1080w_unc-old_well1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1fe6f6f4ed966740c864a15a49b25c685de11f6f0abf57ae88b088dfa5710f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:04:32 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 19:01:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 85453
x-amz-server-side-encryption: AES256
etag: "42688310b72bcb0d6f564be876f4b3cd"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4441190
x-amz-cf-id: adsjXqJYliqkhwRvMxtrQyL_jsmex0RPJ9QrqGKrmw5w1Qw-MMkAYQ==

GET
H2 200 NewGoHeelscom-Recruiting-1920wX1080w_support-loudyold.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/ 4 MB
4 MB 10ms
9ms Image
image/png 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/NewGoHeelscom-Recruiting-1920wX1080w_support-loudyold.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5908e50548d392c2fc3a5a2800a1f1fb9449dea3ac5dfdce30d516fa3a9a4b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:04:44 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 20:54:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 81842
x-amz-server-side-encryption: AES256
etag: "6f9c7b3687c745d8e5da5a5959c217d2"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4534421
x-amz-cf-id: SWTjD4FxE7_muuNhmnPZXbtSGXbhtpVye9kqpELUEyG9w56Yow-5Uw==

GET
H2 200 NewGoHeelscom-Recruiting-1920wX1080w_facilities-fb.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/ 4 MB
4 MB 13ms
12ms Image
image/png 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/NewGoHeelscom-Recruiting-1920wX1080w_facilities-fb.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e572ba9a4d65eb04eca8f7fb3aff1033dc98379dbee8a11b36be0b25f7c3bb7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:44:18 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 21:01:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 268
etag: "f288027cb5fee7f0ddab3d7e9f34bc5c"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4349022
x-amz-cf-id: 1O3FvcOcJu4xvxRHvOP6wmhAWg4iPVlXMo6JQTuXAJ6X0EgV9Sqx9A==

GET
H2 200 NewGoHeelscom-Recruiting-1920wX1080w_gameday-pompoms.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/ 4 MB
4 MB 28ms
28ms Image
image/png 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/2023/10/18/NewGoHeelscom-Recruiting-1920wX1080w_gameday-pompoms.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a98f00d08ba7b3f50f1b25ccbc9ea4e8399a445476ba1c8d89e17ca6f9f6597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 18 Oct 2023 21:14:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2584
x-amz-server-side-encryption: AES256
etag: "b5f106a9c4a7390a3e1d49cc38e31140"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4551494
x-amz-cf-id: I35DBnJ0DBs105J7XluZswUDIrs-vEe54ApVkwYJMDjYFCSn5yXlow==

GET
H2

200

parallax_logo.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/
Redirect Chain

https://goheels.com/images/sng_2023/parallax_logo.svg
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/parallax_logo.svg

7 KB
8 KB

7ms
7ms

Image
image/svg+xml

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/parallax_logo.svg
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c503a65bd474615a3de69259929ab2c3a71cfeeeecb73387844406a0a3f6d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:44:37 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:56:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 83049
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
vary: Origin
etag: "62bb164fa6b155825d2da34e8f5bf0f7"
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 7658
x-amz-cf-id: pBNfItUolIkcHfDtQppeZGfAKFSRX287VgfQV6To8EOe9BuPgL_cqg==

Redirect headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/parallax_logo.svg
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 231
x-xss-protection: 1; mode=block

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 51ms
51ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgoheels.com%2F&pid=4oyPrPqWT2qPr&cb=2&ws=1600x1200&v=24.117.1925&t=1100&slots=%5B%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21708449227%2FUNC%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://goheels.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UtjPUjBGaUMveodHujimxa7GhMgcQcFjfnSOrGml56oGK6TujvROQw==

GET
H/1.1 200
OK 1x1-pixel.png Show response
ams-depr-public.s3.amazonaws.com/ 68 B
443 B 325ms
104ms Fetch
image/png 3.5.29.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ams-depr-public.s3.amazonaws.com/1x1-pixel.png?fn=removeDomElement&publisher=goheels.com
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 05:48:46 GMT
Last-Modified: Tue, 27 Oct 2020 15:04:29 GMT
Server: AmazonS3
x-amz-request-id: ANVG78KZ9ZH5850S
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: KP/aiKRPOXzgLVF/GeupHmozGAZVOhy67P6cEF/4tNCtk3YvXEGIx9foZG32sCiXLpXl+8cXonHpigt0LubtB/XPMjTr7Cvp

HEAD
H2 404 prebid-ads.js
goheels.com/js/ 0
0 109ms
107ms Fetch 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/js/prebid-ads.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-length: 0

GET
H2 200 0 Show response
goheels.com/api/v2/Splash/ 29 B
299 B 115ms
115ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/Splash/0
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 299363f8bd010b882bc4a4530bc911dfa341bbd28f5b63dd69d9d4cf5b9d89be

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 livestats.ashx Show response
goheels.com/services/ 12 B
372 B 138ms
137ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/livestats.ashx

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
etag: F24602A3
x-cache-status: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 12
x-xss-protection: 1; mode=block

GET
H2

200

Boston-College.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Boston-College.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png

34 KB
35 KB

91ms
91ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e7198036fd4d8ad94f64c7fefd2d3178b00c2bd93b165640bfe271a1a79e184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 272
x-amz-server-side-encryption: AES256
etag: "374eaca8fe0367d9b4e588ad01a4ce89"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 35195
x-amz-cf-id: vg-TDVSzw1WTMqkMdGUVWByvwsD23efFjb_HYuHwgU2JjwTwxIb9Ew==

Redirect headers

date: Wed, 24 Jan 2024 19:41:15 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 36450
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 229
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Boston-College.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: O4_hLzdHieKB8Ufhwn6GAYBLR77riKtcanWNcfVmuKtb04eSigCxYw==

GET
H2

200

Columbia.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Columbia.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Columbia.png

26 KB
27 KB

86ms
85ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Columbia.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 000e1bf3ba7d2fd1c62c78bab355c6100c90bdb2b6cea8140d1f11f7c95487a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:44:36 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 15:52:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 83050
etag: "8a06887b7ceb97263139a9647527082f"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 26806
x-amz-cf-id: L0uHE4R6UnHAXCqDxtmXDyyUcXZbJLPK17iDj70QgLpMV49HuOKGHA==

Redirect headers

date: Wed, 24 Jan 2024 17:20:59 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 44866
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 223
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Columbia.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: ViJeGzIggfjRar5nWieZxhT_U-GpwrXdqT02KTt2H-LUKBlIcj2q0A==

GET
H2

200

Georgia.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Georgia.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Georgia.png

8 KB
9 KB

86ms
86ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Georgia.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5664b7fd8f0be326a4ff5c91e3c23e189c198af51caa070dc93a749f0fc209b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:29:14 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 15:52:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 9168
x-amz-server-side-encryption: AES256
etag: "3d7d4741e817e98fd60d100aaf76176e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 8518
x-amz-cf-id: hqtALP2jaOreoBK3mkWPf1Q4xNJlwz89-ypC5hLLwEh9MBCPaWvnxQ==

Redirect headers

date: Wed, 24 Jan 2024 16:36:08 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 47557
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 222
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Georgia.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: VcEivdZcLF7pIKY0XMNvRdABW2z8q5LrvWw8fo9rB_zUhLj3Epwt-w==

GET
H2

200

Louisville.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Louisville.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png

15 KB
15 KB

87ms
86ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a4aa63abb59bdec7bc4ddfdba7d97b1ec9ef88fe5ac894e8871927a118e55ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:26:54 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 15:06:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 76912
etag: "51797a94f5c7a7b581d6bbc9ccd12381"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15361
x-amz-cf-id: pCIpuuzKfpzQaTSHqcEXWfH22cdoOocAmdGIz7KWUOSbHY-a2MTR7Q==

Redirect headers

date: Wed, 24 Jan 2024 17:46:44 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 43321
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 225
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Louisville.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: mnsbfCO5byK-leRFnIJATX7_QeU2iv7cx35Dpv1vQznbGJgmghgYcw==

GET
H2

200

WakeForest100419.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/WakeForest100419.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/WakeForest100419.png

6 KB
6 KB

91ms
91ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/WakeForest100419.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1befe40b23ba785edb25b3bb76ebc69edd443b1e61a412bbdefb68b4063777f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 03:58:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 270
x-amz-server-side-encryption: AES256
etag: "833b6adf2e2f33a0f0514d250213156b"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6055
x-amz-cf-id: DmyY-e8WSiXNt0ATINnNROYfH_vYvGC8wAt5Z4YZGbuAjjyHRvlyzw==

Redirect headers

date: Wed, 24 Jan 2024 12:09:00 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 63585
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 231
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/WakeForest100419.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: GvSsYuH3M3Op03ct8WmfSyGrpvfiVgxM8z9AQ7_SHvnBLTSNaQcV-Q==

GET
H2

200

Miami.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Miami.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Miami.png

5 KB
5 KB

87ms
87ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Miami.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a32e59f21f5d8f5980210586d7d5c99f2daf35be822dfe37cfd3f3b69ef08a7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:26:54 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 76912
etag: "2b6b52dcd16fda8f39ec10849ebd92ef"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4856
x-amz-cf-id: 24kTuZ0CWuKfSGqQl4qByjXGQtIBOAFDa2X_wvDcY5l8qMJMqQ2wig==

Redirect headers

date: Wed, 24 Jan 2024 16:14:54 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 48831
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 220
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Miami.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: 2HfmMTE0HCcD9ArsNTH81ivxl7wN3VqzX0yQrmcZFwiJW6w9endUvQ==

GET
H2

200

Penn-State.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Penn-State.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Penn-State.png

17 KB
18 KB

79ms
79ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Penn-State.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70ba56e45f4c152892a71ab1f8b7be6b9b209656ceb88bdd75b0371fa8f36813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:44:36 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Sat, 27 May 2023 03:37:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 83050
etag: "0a37c533f4baabadf85b2c4e26038ac5"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 17690
x-amz-cf-id: fxd23eZpwNDxt1EunZ8rrwXt0JQ5T487wv4mx24JioYM-oCDx19GdA==

Redirect headers

date: Wed, 24 Jan 2024 12:50:47 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 61078
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 225
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Penn-State.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: PUNBFbf5_OYW5zF2qqQXxi_mTeeSb0wneVY5kdKQcYJhVuUmwcyp5Q==

GET
H2

200

Oregon.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Oregon.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Oregon.png

16 KB
16 KB

79ms
79ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Oregon.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a45e550d3f37b810ed85f6d8524a9a5a96e46cafbd62f0f000287d11c215ed30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:29:14 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 15:52:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 5883
x-amz-server-side-encryption: AES256
etag: "1634751761364af442afc322b1309862"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15993
x-amz-cf-id: MagrhFb2i9bwRxtZCSVHLzzUDVzNBwDXD-K9mLnGWs4CbR1FxMVgMw==

Redirect headers

date: Wed, 24 Jan 2024 17:20:59 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 44866
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 221
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Oregon.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: 3Lz9Rx2x3CNeo_Ht2TPiAWU_4HNrOBfI0e8kScPkSVtnrVLNOPccfg==

GET
H2

200

Duke.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Duke.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png

3 KB
3 KB

80ms
80ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2241e094e5b94af857260c5e75866c0fe49dc78c63e8f18ffd1fbd61c061b6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 04:49:30 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 14:51:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 5545
x-amz-server-side-encryption: AES256
etag: "ee943c656fbc83d2c150a3e47282e603"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2973
x-amz-cf-id: rpL0keTQXR8UcvC6RV3GvubSAuIJXTSpXYwReERzUCtA2xLONnjmQA==

Redirect headers

date: Wed, 24 Jan 2024 17:46:44 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 43321
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 219
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Duke.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: muWSiPhqUEFwI7kb4qCB1bw7Pw1We0476V6MPjylZdumTKJhkk8yxg==

GET
H2

200

Virginia-Tech.png
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/
Redirect Chain

https://d141rwalb2fvgk.cloudfront.net/images/logos/Virginia-Tech.png
https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Virginia-Tech.png

10 KB
11 KB

79ms
78ms

Image
image/png

108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Virginia-Tech.png
Protocol: H2
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac8ec8e55ae34fff05c016937f29bb8a46f1daaa199098a7466d3c4e45863b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 07:39:27 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 15:56:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 79759
x-amz-server-side-encryption: AES256
etag: "e9c1344a6a9cbb7cf4460300332bd13b"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10737
x-amz-cf-id: vXcUf-5dj94dd-UDe5tq_YIESftDI-kuKaFgXwOx9NFugVvmWlZdMQ==

Redirect headers

date: Wed, 24 Jan 2024 19:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 36000
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 228
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=utf-8
location: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/logos/Virginia-Tech.png
access-control-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-amz-cf-id: MW03-IDzOpLeWbiTvl2xbdNYj5hpl09bzBBVYohUcSanYU6vKR7QBQ==

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 582ms
191ms Preflight 44.233.137.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.137.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-137-117.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://goheels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:46 GMT
x-amz-apigw-id: SFNpxHUjvHcEOAQ=
x-amzn-requestid: 0be0bc51-47cb-466e-b7e5-364cfbc12b87

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 54ms
54ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgoheels.com%2F&pid=4oyPrPqWT2qPr&cb=3&ws=1600x1200&v=24.117.1925&t=1100&slots=%5B%7B%22sd%22%3A%22htlad-8-gpt%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21708449227%2FUNC%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A5%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=49d1d053-156d-46ed-9d18-8370d1d949e8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
via: 1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://goheels.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: q6HRhhm4mMul0HiAljn0qkBBj0xDxxKXF7v3wOlefhzDkJoPeFyuzQ==

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
374 B 199ms
199ms Fetch
application/json 44.233.137.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.137.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-137-117.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a3b898bf4abbc4bb1aa4de1154b5c1d2484d909f60052a195c894f7dfbdf0e6c

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-api-key: 5e0b19374596b1c8abfb0560fcb956220131d0a7f7100979de5d18cfada355d5
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
x-amzn-trace-id: Root=1-65b1f63e-204eeecc0069f513480a5314
x-amzn-requestid: 3db8333f-0e48-4abe-a7db-5f14f481e895
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: SFNpyFeOvHcEs0A=
content-length: 146

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4284 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZgP6UILW7gKBl6ZfjhXyuN-X1D6_v0ZffdSEVavagWlS53gj73q1agMGmB8hiQtneol_3r5aBzo2Z7mYDQqPY2q-sDF0rPSL-z3inGcFeW-Xq6dSEm0X9ZurVLRsqf8NQr4EzET1lUcJQWhVp-eRm8EXeP4IBbrswYmRwyj05SfzI4hWwkhHYRw1FxC5e3zz3khM-bIx_2oVkpxYASOwbVy3DbYwXpOdcTgO4m02We0bZvGHkq1K0TwY1wewAjGGxN18RIEEy70sczGNaCvbljkA-nrLfAPpsgpDZT3hkHo0EYFskNjHL29V_u1RPV1qiEYiN&sai=AMfl-YT2Yby35ZP5B2QXKc9YDs0rWJIkkTKlF3FGYFtyEqvbF7cmkPTpy2GMFmH0vIpHFXib8gbStPRZe1wnu2F7PsY9w78GSztqQvaB8pWi5COBciArGDxiaEIZWg6qbA&sig=Cg0ArKJSzDdV7hVjrXK_EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4284 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4284 205 KB
65 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:45 GMT

GET
H3 200 7335643768259034790
tpc.googlesyndication.com/simgad/ Frame 4284 223 KB
223 KB 17ms
17ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7335643768259034790

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d08053e4a0bdce655ea4aea231df84a4fca7f6bc44c188a6bfa338012ffef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 23 Jan 2025 11:07:42 GMT
date: Wed, 24 Jan 2024 11:07:42 GMT
x-content-type-options: nosniff
age: 67263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228204
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 17:49:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 91 KB
41 KB 538ms
537ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=1409448194303707&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=8&didk=359666826&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5d03bff7ffc8bc3c%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_Mau4b7S1Al9ARWPWDtGJmrEHs5Pcw&gpic=UID%3D00000d49680283d7%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_MY0TXSFsPHfy0vjS9N9GP9E1YJC-w&abxe=1&dt=1706161725752&lmt=1706161725&adxs=315&adys=403&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&psts=AOrYGsk83Irr5fcXEhsEwNdB98g3aQkH-sjYx41jyHTaHftAKXuMd2VprTTBnh-ar5aOOqOJ-T_Es0OwZJLu7BXYgosIdaBK%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskU5W5aOS7YRKHJTC_N8MvjBWXMsSOvevW_AaXyAmZBS_IproO32iICD2oojmAt9Ex5pJbNbPhMR0ZoaTjrGw%2CAOrYGslT0UAjvOQARMEIxNclNswdAYfol2Vi88AA0ZCdooO8DlkqFcteReL33u8jTgAteL9m6ZKguihuwamTNetwrRYu7hiS&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJsqf50zFIAFICCGo.&dlt=1706161722775&idt=689&prev_scp=pos%3Dmiddle%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno%26is_home%3Dyes%26category%3Dhome%26post_id%3D%26sport_name%3D%26sport_name_custom%3D%26page_template%3Dhome%26load%3Dpage%26adtest%3D%26site%3Dgoheels.com%26sect%3Dfrontpage&adks=1858864637&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf6934abae6580154ec8357269f87a9dafb047407f7b8ad6c9e511b2cb4ae15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42300
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
goheels.com/api/v2/Analytics/ 44 B
316 B 111ms
111ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://goheels.com/api/v2/Analytics/settings
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-68-163.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ddcb17946e1cf33e88cc46cdaaa8fcfdf82a03cbeb867cc94bf3b562d8fd35b6

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 05:48:45 GMT
content-encoding: gzip
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 4284 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac57960745679a12a644260885867e06cd3d28f0051e4494f138ba961b86a4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 20ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je41m0v882570456&_p=1706161723231&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1970315308.1706161724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1706161724&sct=1&seg=0&dl=https%3A%2F%2Fgoheels.com%2F&dt=University%20of%20North%20Carolina%20Athletics&en=scroll&epn.percent_scrolled=90&_et=9&tfd=3693
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 92 KB
42 KB 435ms
435ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2944138713192369&correlator=3350400351629859&eid=31080256&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=21708449227%2CUNC&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&didk=318369283&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5d03bff7ffc8bc3c%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_Mau4b7S1Al9ARWPWDtGJmrEHs5Pcw&gpic=UID%3D00000d49680283d7%3AT%3D1706161723%3ART%3D1706161723%3AS%3DALNI_MY0TXSFsPHfy0vjS9N9GP9E1YJC-w&abxe=1&dt=1706161725810&lmt=1706161725&adxs=103&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgoheels.com%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGsk83Irr5fcXEhsEwNdB98g3aQkH-sjYx41jyHTaHftAKXuMd2VprTTBnh-ar5aOOqOJ-T_Es0OwZJLu7BXYgosIdaBK%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskU5W5aOS7YRKHJTC_N8MvjBWXMsSOvevW_AaXyAmZBS_IproO32iICD2oojmAt9Ex5pJbNbPhMR0ZoaTjrGw%2CAOrYGslT0UAjvOQARMEIxNclNswdAYfol2Vi88AA0ZCdooO8DlkqFcteReL33u8jTgAteL9m6ZKguihuwamTNetwrRYu7hiS&ga_vid=1970315308.1706161724&ga_sid=1706161724&ga_hid=1549886769&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDVhNGU1NTE2LWQ1YWYtNGQ3NS1iNDZmLTgzMWRhMjg0ODc4N1gBEhwKDWNyd2RjbnRybC5uZXQY7LCn-dMxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJsqf50zFIAFICCGo.&dlt=1706161722775&idt=689&prev_scp=pos%3Dmiddle1%26htl_refresh%3D1&cust_params=htlbidid%3D28996%26is_testing%3Dno%26is_home%3Dyes%26category%3Dhome%26post_id%3D%26sport_name%3D%26sport_name_custom%3D%26page_template%3Dhome%26load%3Dpage%26adtest%3D%26site%3Dgoheels.com%26sect%3Dfrontpage&adks=2912231492&frm=20

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b63260cbcdf230ed573848c73e482fda5c05f8b8327a2b1fac8862a776b48c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42974
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://goheels.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 106ms
106ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 ad_counter.aspx Show response
goheels.com/services/ 0
338 B 228ms
228ms XHR
text/html 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/ad_counter.aspx?ad_id=1152,1168,1153,1154,1155

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: MISS
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4284 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4sdwrOBit01DBfzjxzR3OPXc1EuhdNH5RyZgb3_X1yVVZt9oWIotYIdb_DprBrf3l8N81UbhCdUeiLYaMtmTHJC3iBof1LUjL8kEkQSPplQ1BopGl4_xh_GN7nf2acwRYk3xBEN5qbphQFdDz3c2LkRsTqBB_4oFrZzXKjW0g2ZPyDppZEn6iqzwBr1CmLQdWatMRydFcvEo4lFVgTjHqBN8pKO2lQaONO-2di0asDlskh2ZQKYO-zwklCQGrOkenycpvUX6u-n1P-LaIrZ6_GAG-uKf8Q4md95YHzoYf2K3OvTjUqsma7Viarq8vZKxpJHdVdmM&sai=AMfl-YQ3TIT06JyhC-dqJO3hNpy68aYHUX2i7y4tL7lHn_pHRSar0RR-ctfPDmJGg1tJiY97xAwnqEAVahh4_w14re9EcqKOCiQhFWZGf_DZXJfUjWYu4-QI9vUJJizbEA&sig=Cg0ArKJSzFXyaHVDO1cvEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jan 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 36
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Jan 2024 07:48:09 GMT

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 108ms
107ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 crop
images.sidearmdev.com/ 92 KB
92 KB 9ms
8ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2Frj_davis_sc_svp_012224__720p_1_1YUOa.jpg&width=1078&height=608&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

3e35744549a6577392c045ed9a66cc577cb47cddc42b4dcf6df932ea58691f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:18:56 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 127789
x-cache: Hit from cloudfront
content-length: 93962
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: s3KRwL0yG5IvXS_EPBnA1r_ujHmb7DSPDtsyEFyiEhKszXFurmCrOg==

GET
H2 200 get Show response
goheels.com/services/allaccess.ashx/categories/ 168 B
544 B 114ms
114ms XHR
application/json 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/allaccess.ashx/categories/get

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

832541a7cac9717c3dea0d1504f3fc958ae3b4f1e80e0b0fd2d408e3d7639698

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: STALE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 168
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 resize
images.sidearmdev.com/ 14 KB
15 KB 9ms
8ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Func.sidearmsports.com%2Fimages%2F2023%2F9%2F18%2FAPP_Download_Sider_460x260.jpg&width=2000&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

398610b925e3f1c7bc6719be70e513c745bf9c976a39d65176532157a83b10ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:13:38 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 1935307
x-cache: Hit from cloudfront
content-length: 14840
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: AfClx0VKRuRuAOEGtt1IO_bpuXPz_mJikVwzHVXEXLETVdrQ6Vnu1A==

GET
H2 200 resize
images.sidearmdev.com/ 12 KB
12 KB 10ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

3ccb0d213449b1128d0febff39cec802b5b6cf803e097c1356b0a41cd2ece474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 14:07:46 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 1870859
x-cache: Hit from cloudfront
content-length: 12054
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 6BJ0bTn08vh-wWNCtux0sVvwODfu1Qn-ZcnZHGoeIIpu1y76fw5Rdg==

GET
H2 200 resize
images.sidearmdev.com/ 9 KB
9 KB 13ms
11ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/resize?url=https%3A%2F%2Fdxbhsrqyrr690.cloudfront.net%2Fsidearm.nextgen.sites%2Func.sidearmsports.com%2Fimages%2F2023%2F9%2F27%2F460x260_Carolina_Kids_Club__1__AEMTg.png&width=2000&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

26118e9fb6846a279299fed4247f25e3a3ae921c69f792272ba7f8bbd9086f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:14:58 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 1773227
x-cache: Hit from cloudfront
content-length: 8984
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Bxys0CICGIfdmz8JDq8zCCx_FyRqzqQMMSTEoFyA_c91HWq31ozwaA==

GET
H2 200 resize
images.sidearmdev.com/ 13 KB
13 KB 11ms
10ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

15d481d96ccaa722f5f7b3036367a95e9d70a52d862884cafae5f78ba92b1315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:30:22 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 2107102
x-cache: Hit from cloudfront
content-length: 13340
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Ca16RtA1s5t0tbxl5KDN5A63gQ6Y-2OvZAgBY6GaowLHz-wMDAIgOA==

GET
H2 200 ad_counter.aspx Show response
goheels.com/services/ 0
339 B 107ms
107ms XHR
text/html 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/ad_counter.aspx?ad_id=1165,1166,1167,1149

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: STALE
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 52ms
14ms Script
application/x-javascript 23.37.51.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.51.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-51-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 25 Jan 2024 05:48:46 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 04 Oct 2023 18:38:07 GMT
ETag: "b8e913ebf1f6d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 05:48:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3GKT4Y4BLP

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d2937de169a8b14f8193d04c840c429422d0f6dbe22d04ed914b44c1c661ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94477
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 05:48:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3GKT4Y4BLP&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea741faa0039e713f7a8bfb5f8be5f871db81baf7dbe63e5776f221eacce41f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 05:48:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1549886769&t=pageview&_s=1&dl=https%3A%2F%2Fgoheels.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=334615682&gjid=1310481923&cid=1970315308.1706161724&tid=UA-180696617-1&_gid=1345073887.1706161726&_r=1&_slc=1&gtm=45He41m0n81K3TH4CCv833217870&cd1=2024-01-25T06%3A48%3A45%2B01%3A00&cd20=University%20of%20North%20Carolina&cd21=DI&cd22=ACC&cd23=1323&cd24=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=learfield&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-5&cd50=unc&cd53=frontpage&cd54=paciolan&cd55=south&cd56=SIDEARM&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cd5=1970315308.1706161724&z=1734960403

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
71 B 14ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1549886769&t=pageview&_s=1&dl=https%3A%2F%2Fgoheels.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=2042968746&gjid=2039884817&cid=1970315308.1706161724&tid=UA-180624321-5&_gid=1345073887.1706161726&_r=1&_slc=1&gtm=45He41m0n81TW6R675&cd1=2024-01-25T06%3A48%3A45%2B01%3A00&cd20=University%20of%20North%20Carolina&cd21=DI&cd22=ACC&cd23=1323&cd24=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=learfield&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-5&cd50=unc&cd53=frontpage&cd54=paciolan&cd55=south&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cd5=1970315308.1706161724&z=1922396761

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 22ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180696617-1&cid=1970315308.1706161724&jid=334615682&gjid=1310481923&_gid=1345073887.1706161726&_u=YADAAEAAAAAAACAEK~&z=633616368

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3GKT4Y4BLP&gtm=45je41m0v885127877&_p=1706161723231&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1970315308.1706161724&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706161726&sct=1&seg=0&dl=https%3A%2F%2Fgoheels.com%2F&dt=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3974
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
55 B 20ms
20ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3GKT4Y4BLP&cid=1970315308.1706161724&gtm=45je41m0v885127877&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3GKT4Y4BLP&cid=1970315308.1706161724&gtm=45je41m0v885127877&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=1674539113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=1970315308.1706161724&jid=334615682&_u=YADAAEAAAAAAACAEK~&z=156058565

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180696617-1&cid=1970315308.1706161724&jid=334615682&_u=YADAAEAAAAAAACAEK~&z=156058565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

svrGP
t.goheels.com/visitor/v200/
Redirect Chain

https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&firstPartyCookieDomain=t.goheels.com
https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&elq1pcGUID=7F01980172C242B5AB9BB8DB99656077

49 B
508 B

199ms
199ms

Image
image/gif

147.154.54.13
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&elq1pcGUID=7F01980172C242B5AB9BB8DB99656077

Protocol

HTTP/1.1

Server

147.154.54.13 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 05:48:46 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 05:48:46 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://t.goheels.com/visitor/v200/svrGP?pps=3&siteid=1107655&ref=https%3A%2F%2Fgoheels.com%2F&ref2=elqNone&tzo=-60&ms=66&optin=disabled&elq1pcGUID=7F01980172C242B5AB9BB8DB99656077
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 325
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H3 200 container.html Show response
67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCB7 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Fri, 24 Jan 2025 05:48:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8F3 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goheels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:43 GMT
expires: Fri, 24 Jan 2025 05:48:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3489 0
16 B 43ms
43ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5v53cATAB&v=APEucNXG01ZM59tJ6to7cTGPfvbF6ZEceBee2R6A-X0RzqLG9-HCGF3fbhzaPxpQ0BQtO9h_eKOWaGcQuw6Odg0J2OuKamTNEw

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame DCB7 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame DCB7 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame DCB7 0
0 51ms
51ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstkxFAspGv1DvHnD-7oFUo4jMwXHua-VHHKMo-d-xwSGPrrUMUKfuSW2TQE9yST7nXshU_OK9W9W4-qsx4Qw41Mq2hXSd8jKPiNN3whGti0w2WHrODsUYhH24SZwWX9uK1icEx08xL4QfzvMySd3HqGbSayOkzXjoFWT1fbLkIYgRPwZ4Mv2-Ce5hpShh7aH4oLDn5xJk54rTD3yUFBPclvVnpOWkZCx9XzZsssk--7_g5EOSOePTFS9TIVtShgVV_CylUMSypG_aUb9Z2ogYUhJAvzXsqH9Z0xs66lVNMu9UDTJWYot8y9dxmwP0JoIZwxCIHmSCv2Y3VPPUgi6IGuGTrCDklCcs2avL39GH8acdHNVp9HHHn8Qbqmtdrpv_qMeTQq79APrUPT-NETfuyLWWuXlMMXnXExmnNp8fezWLNtYKKQL1dYuuiWoBy9LuE24QDVx_KCqLpqMw69lJDN7ipKQIrSFguVDUu9Eh2h505OfJlCo2EnKveXzFTg2LY6QLnkJDZSKUiaK-Nj8hv2WR0gsotZAKw01KjUAaPlM0jBCDmdVWBpQp0oBVEtce9jMVJYh_AAFGapftfr3_hS72ODccg0fCxEBk-UQ1Psz5B4EB5QPm_vllnmayGXQjCwCfFWilXQc9mfNU4gvMRz2EWFuhnlKMJ3DB2-GRKFUCVMBENmzjcLGwEt33mkWNarzXMj1ZaWQbScVOR_M7-_Jt0gImKdXrysrR_Hf_ErSjbKbUhjVyQb89Yd9IFpQ-ZlEl-AWfFkVIAgJ4_8gvLOE6dfMCdY1wNnlLOEm1xl59bj8Dx8LWi_dv2epN-SFjSXMvT-u1C-21-MPaR4bnvOJwI7pE--4c07p3lBq3Sy6zOjjpKwYka7eLObw23bIZ2_i8pCap3V3ZsAuxrYxXSjRuoNGXthVlM17qArnhZSAeQdZNYOUyQC9peYY_udyNosaZKe-x7WChEE42QStDsnqPNz9yxBDDP13ZFyWTMQkzZzAlKSg1T5IOvuy5adoo2xK30BJwvRbx8p6BZDew7esevUky0Rd9_kmBLMUDgPhzqxPvpBewb_zv6aGIUL9tZARBgjRRsyVP90Iyu4kWK7ZgIG6vn5A1i7xuH1oxL_1pzO69UMBpMDmN5Hbr89kgDm8MnJws4i3uhldmrVweaTvtCQN075OK4dxhGcMRUH9dO55rIBrAg2haNkD-ynXfW0uzj0d_F4HyrqIsVfy3gcXLRIX7qavY13EKBEaG4tMmCoeeAmUzFEnnLhxnGHrHhLcsncHpQMnCc4b-fnxO5ZX8WlfLu3mGyNhOAVVevPqCrqosdbw5Njgt_vaLhe0yzPhS9EVCNgFjvboUnAiJ-bXlAfuVcS0BLpjyQNaymm4ph7vCOhTLrZ9y6eIw_9ZttPFD1RJxafW_zH84HrHL4jK_K9OUpVsaK5wt9lxgHCg2cu&sai=AMfl-YQyvuKEu-CA40HfWj5RRHIjl6oGQv2ZqHOMvFbNY7bxqqL0opKZ7aylY3c7Ra60UJLWhLZFlJtcj6Up9N8Q2JrqLmP_aAqzGcv2EKdWnXS8ieXldyiNgKFpI_bWAAkH_e6ox1chnQSbx-FnpCyywsUSqwqBwX3snTsV-lGEq6TbKLUulnROUwCcJgBchf3UjApjiK3IPanatDeGVNLac_Mx0_pkRH0-0OcbF-nuUTOgsnT1fL7MTRv-loxw6ySiOWFs8r3j-fJC8yd6Hmyrg-FBJuoqwrkggvr1aiMrLktvXNJ-CSyp-SHpj_ci0GL-PbgC6VO0L6kGfSu6oNlqlKFJoXMVb68gJqLRWqr2BoMnkCU2oFrNM7VvCzYWYXvpSE3N268lYb7WXQbDyPs_Xx_welRBc40qcDgOyXg&sig=Cg0ArKJSzAabK5be40ssEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.51822&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DCB7 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DCB7 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame DCB7 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:41:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB7 42 B
63 B 46ms
46ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv5tWD9FKcQ404LiCDXzSzRmR-uUTs0SQ5WLw4175TEAuE_Lx8WoAVwh2iVAxOx14NeYbMR2tOPNke1cuRxIUu8dGxuymLbga2BUxgQEXVeh_1bOQ

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DCB7 0
0 14ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYggT-7PelEp-it8KE14AoAQydP9H1mEraFvV1knCRNbhQY9xUs-XdXaLfBkiEcGnPkFc7
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCB7 205 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame DCB7 68 B
244 B 30ms
29ms Image
image/png 63.32.16.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_Mmt0M2tyRGVtSGtUVmx3SkhGR0ZfRVJ0LUhJLzI2OTkxODY4Mjg6MzAweDI1MA==&v=5&s=v31hkvijotl&id=eyJkZnAiOnsiYWQiOjQ1NzMxNTI4NzEsImMiOm51bGwsImwiOjAsIm8iOjI2OTkxODY4MjgsIkEiOiIvMjE3MDg0NDkyMjcvVU5DIiwieSI6MjIxMjQ2LCJjbyI6MCwicyI6Imh0bGFkLTgtZ3B0In19&cb=8569573&h=goheels.com&d=eyJ3aCI6Ik1tdDBNMnR5UkdWdFNHdFVWbXgzU2toR1IwWmZSVkowTFVoSkx6STJPVGt4T0RZNE1qZzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjk5MTg2ODI4LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.16.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-16-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 16372568333802491740
s0.2mdn.net/simgad/ Frame DCB7 68 KB
68 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16372568333802491740

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac605bdaa0279febb4e4a9df2ba16289b31409b9d39c221735e17412cefd3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 19:18:08 GMT
date: Tue, 23 Jan 2024 19:18:08 GMT
x-content-type-options: nosniff
age: 124238
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69364
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 13:52:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sidearm-icons.svg
goheels.com/ 107 KB
38 KB 108ms
107ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"1ac0a-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 crop
images.sidearmdev.com/ 29 KB
30 KB 14ms
13ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FKey_Teonni.lville.299.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

dd568d1f82716403dbe81012d88bdec6c2b312aa901b924bfd4c211f20c95865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:37:23 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 22283
x-cache: Hit from cloudfront
content-length: 29980
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: ZDDJvW4Iz1hAsJQA1wM6ceRB1kqKq6VMxOxitKmdEWI_438ArwgXkw==

GET
H2 200 crop
images.sidearmdev.com/ 14 KB
15 KB 23ms
22ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FBrantmeier_Reese.ga.20240121WT24.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

00aa337e1fde97ba7e3daf1853861e8772996260d2981c841de5f73aa7ce8242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:01:03 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 31663
x-cache: Hit from cloudfront
content-length: 14690
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Sjf7XeArEDiaYCBOTZEjotUVYS5inyj6IzTVoAFUPFlTqTUH1XCsEQ==

GET
H2 200 crop
images.sidearmdev.com/ 40 KB
40 KB 24ms
23ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2023%2F9%2F9%2Ffootball_helmet.app.95.jpg&width=748&height=499&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

f7a47084a50538b4887a35323a2fbc3422b69de4f702ad35206849b308c55c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:01:54 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 28012
x-cache: Hit from cloudfront
content-length: 40748
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: w_1wi_jaCYxHeKQQM9-AQshW6aTaIEB1DZZ_bL3DGla1BA3JU56xmQ==

GET
H2 200 crop
images.sidearmdev.com/ 23 KB
23 KB 15ms
14ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F14%2FUstby_Alyssa.uva.6090.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

50ce774ca57bbab7b2b578870e9fedddeac15ee141f9aefa3d3c01896168476e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:30:56 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 40670
x-cache: Hit from cloudfront
content-length: 23210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: UY6-j1QayTnA0pAQNzcDZ6PLH-YQaI88OHWQ0T_YadVbkzbwXAY7_g==

GET
H2 200 crop
images.sidearmdev.com/ 48 KB
48 KB 16ms
15ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2FNWGSD_DSC02189.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

9a54b02e92985bf1cb337e66353b56455704fa934793616be08e6cd1c5815eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:34:09 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 130477
x-cache: Hit from cloudfront
content-length: 48750
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: uRVvMu-4xLPkFtJ0LJE91JmHC0OijTKgEqbWQulfBsFwNIxjgZ4mRQ==

GET
H2 200 crop
images.sidearmdev.com/ 25 KB
25 KB 23ms
22ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F22%2Fath.37.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

95a93b7a615ebff57160e391c4de593ade61f029fc3837a579dd149c019bdc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:53:59 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 129287
x-cache: Hit from cloudfront
content-length: 25352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: Njz0JMV7zFc2lmgO-E0oC1TaH43F1VAce5JwuavQM5c5A3ih-SYFpQ==

GET
H2 200 crop
images.sidearmdev.com/ 19 KB
19 KB 25ms
24ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2FMartins_Delea.tf.1832.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

d53cea4605d5a4cb4ef7b3a14e46aff8b35883be25c7acd0bcecb35d4242bedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:10:03 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 113923
x-cache: Hit from cloudfront
content-length: 18982
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: lE8l45JZGjFsnV5txERTQFc_CEl9eQFuer8vE1oxGExxrwnlt1cBQg==

GET
H2 200 crop
images.sidearmdev.com/ 51 KB
51 KB 25ms
25ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FKelly_Deja.lville.424.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

19a036fedd1efc1a6ffec324d0afb65a1f98e0723411038f06b0e69084c460cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:46:26 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 126140
x-cache: Hit from cloudfront
content-length: 52008
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 28hXAhwzw2Z1NH7WUha5T1Rk-WzNL7bRNVeZQZ19aUVWbxXTP12lmw==

GET
H2 200 crop
images.sidearmdev.com/ 38 KB
38 KB 26ms
26ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F15%2FVazquez_Aranza.dive.232.jpg&width=720&height=405&type=webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

2aff4ebb3e4255e9bc4dd4eb368a7029bdeb91961fbf983b82f031b968ca905e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:46:27 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 126139
x-cache: Hit from cloudfront
content-length: 38700
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 4XXMlyVxpAsBOSzlrMORDlw2vnS1HuAnRRYtaim7vmx2SV6q93im7A==

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BB8 0
16 B 43ms
42ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhj799P7ATAB&v=APEucNXw4PtZf4cVUlpiRAYW4euc-yHSbD2yI0bZofVuDdA-Ca4pdz4WjLOCnlm6Lue0AEw7hI4ZQK0YW1S_UHqht5jKr5MPSQ

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 05:48:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D8F3 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame D8F3 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:30:10 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame D8F3 0
0 48ms
47ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuv3XYrJ4ST22qDFo8gOfuNUFOQVcbmI27-NItnUZPXXOw0nEX_jbqRZVdsQedGPLXznV6YdrGVeXJ-RYoAwsCGmKtQ_zg8jDM2Fn0CbIb_tfOyYt_RlSBGVBUgSfGwAalAgbwfZOm1ypIY9IITqd6wwVbmmzigtrLQxPmGcrOdeWQrRWfDJRunnS4Bfgd3oQkyg1kehqZ83XQHYgT24irqBnwA9sPdUS1pSOzgkvn29HJvzGomF77lhHsAoSyDZxAAw4mzFQ35qTyXbhgpP5UNzZoNBQRFf8r3eG-z-OIStC2qyTnUnKNLkIw6IrksdlddRTVupmybmM2SstCGcqTLhIRsdS0wC6FG6lWwZiljnenJWe0uFaJKU6QfrZf6hnzIGqFeiDA_JYAqhJUit3Y-C875psb3prf_YF_uOG_vm5idcoujMycyEuaw2EPOeXgQyuua36iaBACXn_0yNx32rbqAw99gkYW6DgLjrBsxxUXbSvtlIrgYilVP0Olw60pvV7A_ey3BrqsdolEs-5r4rBkPZQ98LL32J9HrvWgYwNEuyLy9-Q7VJuqb28Wbp0o8YpAEjAKbnjFfwTUsr7-IOx-0rtjb-Q8qPiXsigs0T-zuV-0kOMo1LZ6IHbB0d1xImFfr12tLP84P988cTM74RQ-9x3qRN93Hgj-6sxuyRXZcCI3adNyKZdX7BVxPPn7PCppcrjiqF1GQZ48kDW-xhm_5M-cE1bWnkqqfqn4uWVXoPM2HjmcnbBUw82Je07Kfb4fa3hawa7pY2AuJBycY3-aWVEAP_IeKbDTqnznodmZxRWybyVtBhdQJ76YeMculgSHJjuXcsXWz6l73kdYc7MIUymE6QRkShl_mUzjjX8f0rGeN5FyF1r-ghhDyPDNceNyOB7gvlrmrCL7MvV4VBa3AsP370wJk7RkeE1f6v8Q7Eyh0TR3LXC2BMw_BLCj-q5ac0vE2VKFXUJP9uzldV0pFSFwJvVwFDynJM7Xzgbx8qCSUX5j8CLIyw2h1pgsITTv3-rH9sPLakvlRUmMt3-Lc-xd4KrG89dYQ1PzgrBddPHgEhgJAknen6XY9GtjYHv-wbk93bwzy7NlfKepwR-4i--XoP48FCYAgWjsMWxH9Vk6cgXf1Sg3_pR_4Tu4FluItgqmSl4i1JxICRzIHMbKUSOKe6NxVbfXQzCCCLwjeWphQxLEleeOQR3RXhFPt1_DU4myS3D0FRzNzpUzYrXrDJNW1rK3BFmGeMtphye3Zad79KbaEo25wLoq6SnKT6VoVrq5T6uRstIwVutuLyB4c69ZpMpxc5LPMP7xQNyj5YIFdQL1o6OvfB08ALPv_80C5kIICDx5Sf9QB5d5CuYiPE52-0IZthEz-e3ZZg0OrW8qaKb_zpf0uKA8MlQNdF8vlSs-tzazhBSKYDnA&sai=AMfl-YSBqzU6Ciy8QMvzyPcZwQhKo50ElGyGdkBbmUevIK_QPt63wVvuTApi7ze1P6hqTghRv0TmCHuGQmXp-qyuUVyS6J-XvZE--gOiDDi2I1hqG6D1-wYR1r1SYpa7XvYzibUAhZQ95EYROgCBeHNwnfBcckljaDOZu7bOZ7xoiQGI44SL1kSrc2TiQUK44t6RAW7fGkq_t3UhpksPVkfUcRuCKWejRPYDHnLb2W_ZzwyvR2L8rVG2yig11xZ0t8aKq1tQMQp_C5k5OyOtaRe1jF57ZC3TRrzTrbc69vs1Ks3AbrsOC-Hwbp6oYXluhjE-Yh0AOTuZWjxNNfsNjK3KRUtoJPYyHkE436dGePa2gMUA9dY88PsxyljVMGw1eL0BmxNNLdmTSmorYrs_NM3yv3LdKJ9whQiqeNA1yqU&sig=Cg0ArKJSzDpcAKgLK218EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9pc2NoZ2wuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.24204&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D8F3 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D8F3 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 18:37:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D8F3 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:41:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8F3 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWsCA4R_Jqnf1mwGhG9c5FSnLkC6SO6GYaH_HyaL5henMD_mfzCgkvlwkEfE8fSGLIXi67IT86PL7BjrUNkBFN3dIIj3bKZ6xJF4UyKFUQHhefr_U

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D8F3 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzLulznD_FsRp5MDSbhJFef9ApHq5H4fuF6wwE_XHXAlj9nxNyChcfsHfxWgHFvVoEs747
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8F3 205 KB
65 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 05:48:46 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame D8F3 68 B
244 B 32ms
29ms Image
image/png 63.32.16.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_Mmt0M2tyRGVtSGtUVmx3SkhGR0ZfRVJ0LUhJLzI2OTkxODY4Mjg6OTcweDI1MA==&v=5&s=v31hkvijp1a&id=eyJkZnAiOnsiYWQiOjQ1NzMxNTI4NzEsImMiOm51bGwsImwiOjAsIm8iOjI2OTkxODY4MjgsIkEiOiIvMjE3MDg0NDkyMjcvVU5DIiwieSI6MjIxMjQ2LCJjbyI6MCwicyI6Imh0bGFkLTQtZ3B0In19&cb=4261036&h=goheels.com&d=eyJ3aCI6Ik1tdDBNMnR5UkdWdFNHdFVWbXgzU2toR1IwWmZSVkowTFVoSkx6STJPVGt4T0RZNE1qZzZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjk5MTg2ODI4LCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.16.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-16-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 16818356366789262676
s0.2mdn.net/simgad/ Frame D8F3 213 KB
213 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16818356366789262676

Requested by

Host: 67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
URL: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f6c1dedd964b7bf8865c988e2daabc54e99b5b376f51efc37fa8fd6ac0328c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 09:14:08 GMT
date: Tue, 23 Jan 2024 09:14:08 GMT
x-content-type-options: nosniff
age: 160478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217728
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 14:58:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame DCB7 0
0 43ms
43ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstkxFAspGv1DvHnD-7oFUo4jMwXHua-VHHKMo-d-xwSGPrrUMUKfuSW2TQE9yST7nXshU_OK9W9W4-qsx4Qw41Mq2hXSd8jKPiNN3whGti0w2WHrODsUYhH24SZwWX9uK1icEx08xL4QfzvMySd3HqGbSayOkzXjoFWT1fbLkIYgRPwZ4Mv2-Ce5hpShh7aH4oLDn5xJk54rTD3yUFBPclvVnpOWkZCx9XzZsssk--7_g5EOSOePTFS9TIVtShgVV_CylUMSypG_aUb9Z2ogYUhJAvzXsqH9Z0xs66lVNMu9UDTJWYot8y9dxmwP0JoIZwxCIHmSCv2Y3VPPUgi6IGuGTrCDklCcs2avL39GH8acdHNVp9HHHn8Qbqmtdrpv_qMeTQq79APrUPT-NETfuyLWWuXlMMXnXExmnNp8fezWLNtYKKQL1dYuuiWoBy9LuE24QDVx_KCqLpqMw69lJDN7ipKQIrSFguVDUu9Eh2h505OfJlCo2EnKveXzFTg2LY6QLnkJDZSKUiaK-Nj8hv2WR0gsotZAKw01KjUAaPlM0jBCDmdVWBpQp0oBVEtce9jMVJYh_AAFGapftfr3_hS72ODccg0fCxEBk-UQ1Psz5B4EB5QPm_vllnmayGXQjCwCfFWilXQc9mfNU4gvMRz2EWFuhnlKMJ3DB2-GRKFUCVMBENmzjcLGwEt33mkWNarzXMj1ZaWQbScVOR_M7-_Jt0gImKdXrysrR_Hf_ErSjbKbUhjVyQb89Yd9IFpQ-ZlEl-AWfFkVIAgJ4_8gvLOE6dfMCdY1wNnlLOEm1xl59bj8Dx8LWi_dv2epN-SFjSXMvT-u1C-21-MPaR4bnvOJwI7pE--4c07p3lBq3Sy6zOjjpKwYka7eLObw23bIZ2_i8pCap3V3ZsAuxrYxXSjRuoNGXthVlM17qArnhZSAeQdZNYOUyQC9peYY_udyNosaZKe-x7WChEE42QStDsnqPNz9yxBDDP13ZFyWTMQkzZzAlKSg1T5IOvuy5adoo2xK30BJwvRbx8p6BZDew7esevUky0Rd9_kmBLMUDgPhzqxPvpBewb_zv6aGIUL9tZARBgjRRsyVP90Iyu4kWK7ZgIG6vn5A1i7xuH1oxL_1pzO69UMBpMDmN5Hbr89kgDm8MnJws4i3uhldmrVweaTvtCQN075OK4dxhGcMRUH9dO55rIBrAg2haNkD-ynXfW0uzj0d_F4HyrqIsVfy3gcXLRIX7qavY13EKBEaG4tMmCoeeAmUzFEnnLhxnGHrHhLcsncHpQMnCc4b-fnxO5ZX8WlfLu3mGyNhOAVVevPqCrqosdbw5Njgt_vaLhe0yzPhS9EVCNgFjvboUnAiJ-bXlAfuVcS0BLpjyQNaymm4ph7vCOhTLrZ9y6eIw_9ZttPFD1RJxafW_zH84HrHL4jK_K9OUpVsaK5wt9lxgHCg2cu&sai=AMfl-YQyvuKEu-CA40HfWj5RRHIjl6oGQv2ZqHOMvFbNY7bxqqL0opKZ7aylY3c7Ra60UJLWhLZFlJtcj6Up9N8Q2JrqLmP_aAqzGcv2EKdWnXS8ieXldyiNgKFpI_bWAAkH_e6ox1chnQSbx-FnpCyywsUSqwqBwX3snTsV-lGEq6TbKLUulnROUwCcJgBchf3UjApjiK3IPanatDeGVNLac_Mx0_pkRH0-0OcbF-nuUTOgsnT1fL7MTRv-loxw6ySiOWFs8r3j-fJC8yd6Hmyrg-FBJuoqwrkggvr1aiMrLktvXNJ-CSyp-SHpj_ci0GL-PbgC6VO0L6kGfSu6oNlqlKFJoXMVb68gJqLRWqr2BoMnkCU2oFrNM7VvCzYWYXvpSE3N268lYb7WXQbDyPs_Xx_welRBc40qcDgOyXg&sig=Cg0ArKJSzAabK5be40ssEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=128&vt=11&dtpt=127&dett=2&cstd=0&cisv=r20240122.51822&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 25 Jan 2024 05:48:46 GMT

GET
H2 200 crop
images.sidearmdev.com/ 29 KB
30 KB 10ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FKey_Teonni.lville.299.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

dd568d1f82716403dbe81012d88bdec6c2b312aa901b924bfd4c211f20c95865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:37:23 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 22283
x-cache: Hit from cloudfront
content-length: 29980
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: eTLSU56ELrELXFYRk_5tj2ZMeP2vzJTsUWpzGxPbQH1xX_LLDMAmMw==

GET
H2 200 crop
images.sidearmdev.com/ 14 KB
15 KB 10ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FBrantmeier_Reese.ga.20240121WT24.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

00aa337e1fde97ba7e3daf1853861e8772996260d2981c841de5f73aa7ce8242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:01:03 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 31663
x-cache: Hit from cloudfront
content-length: 14690
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: V3wVqIa3dJmcg2q1Mt_vOKxng7OxppazOjzkHTjvgOrR46k0iuAnqg==

GET
H2 200 crop
images.sidearmdev.com/ 40 KB
40 KB 11ms
9ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2023%2F9%2F9%2Ffootball_helmet.app.95.jpg&width=748&height=499&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

f7a47084a50538b4887a35323a2fbc3422b69de4f702ad35206849b308c55c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:01:54 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 28012
x-cache: Hit from cloudfront
content-length: 40748
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: 7q_hTgVMQN00YRugyA6gTXbWl4V7Gg0gcGjnf_glTrljAyBySvkoZA==

GET
H2 200 crop
images.sidearmdev.com/ 23 KB
23 KB 11ms
10ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F14%2FUstby_Alyssa.uva.6090.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

50ce774ca57bbab7b2b578870e9fedddeac15ee141f9aefa3d3c01896168476e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 18:30:56 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 40670
x-cache: Hit from cloudfront
content-length: 23210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: UlHA9tn7H0Dx4lCEwY8NnbNhGFZf6uBNAAcT4QJQoQRdhH2aE_J_yw==

GET
H2 200 crop
images.sidearmdev.com/ 48 KB
48 KB 11ms
10ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2FNWGSD_DSC02189.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

9a54b02e92985bf1cb337e66353b56455704fa934793616be08e6cd1c5815eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:34:09 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 130477
x-cache: Hit from cloudfront
content-length: 48750
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: F8OxT3zyST42SSuVwOcUvhAGcFZf62tA-NXw2AFzRHXVpJ6vTmfMRQ==

GET
H2 200 crop
images.sidearmdev.com/ 25 KB
25 KB 13ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F22%2Fath.37.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

95a93b7a615ebff57160e391c4de593ade61f029fc3837a579dd149c019bdc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:53:59 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 129287
x-cache: Hit from cloudfront
content-length: 25352
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: oRCLa7B7jhELw-sVNb-5qDEUfnfPQgJ9iOHL5OdTYw_1jZ6evzWmxw==

GET
H2 200 crop
images.sidearmdev.com/ 19 KB
19 KB 12ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F23%2FMartins_Delea.tf.1832.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

d53cea4605d5a4cb4ef7b3a14e46aff8b35883be25c7acd0bcecb35d4242bedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:10:03 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 113923
x-cache: Hit from cloudfront
content-length: 18982
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: q6mO0y2kkyqUzqv5O2HA0sRYbAZXNE6gmgQB8nd0rxm-ab0Sxr9Vfw==

GET
H2 200 crop
images.sidearmdev.com/ 51 KB
51 KB 13ms
12ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F21%2FKelly_Deja.lville.424.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

19a036fedd1efc1a6ffec324d0afb65a1f98e0723411038f06b0e69084c460cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:46:26 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 126140
x-cache: Hit from cloudfront
content-length: 52008
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: wbT4muutnKn5CFz0NheSfA6incPFqHQ_PHFqklRST96mIAEqccHXcg==

GET
H2 200 crop
images.sidearmdev.com/ 38 KB
38 KB 16ms
16ms Image
image/webp 18.66.122.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.sidearmdev.com/crop?url=https%3A%2F%2Fd141rwalb2fvgk.cloudfront.net%2Fimages%2F2024%2F1%2F15%2FVazquez_Aranza.dive.232.jpg&width=720&height=405&type=webp

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-103.fra60.r.cloudfront.net

Software

Resource Hash

2aff4ebb3e4255e9bc4dd4eb368a7029bdeb91961fbf983b82f031b968ca905e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:46:27 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA60-P2
age: 126139
x-cache: Hit from cloudfront
content-length: 38700
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 100
x-frame-options: SAMEORIGIN
content-type: image/webp
vary: Origin
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-amz-cf-id: hwYvNDDbUqguCvw6i_SvTXh8SacfUCMadtNab2O91MkMj_ux0aYmEg==

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame D8F3 0
0 42ms
41ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuv3XYrJ4ST22qDFo8gOfuNUFOQVcbmI27-NItnUZPXXOw0nEX_jbqRZVdsQedGPLXznV6YdrGVeXJ-RYoAwsCGmKtQ_zg8jDM2Fn0CbIb_tfOyYt_RlSBGVBUgSfGwAalAgbwfZOm1ypIY9IITqd6wwVbmmzigtrLQxPmGcrOdeWQrRWfDJRunnS4Bfgd3oQkyg1kehqZ83XQHYgT24irqBnwA9sPdUS1pSOzgkvn29HJvzGomF77lhHsAoSyDZxAAw4mzFQ35qTyXbhgpP5UNzZoNBQRFf8r3eG-z-OIStC2qyTnUnKNLkIw6IrksdlddRTVupmybmM2SstCGcqTLhIRsdS0wC6FG6lWwZiljnenJWe0uFaJKU6QfrZf6hnzIGqFeiDA_JYAqhJUit3Y-C875psb3prf_YF_uOG_vm5idcoujMycyEuaw2EPOeXgQyuua36iaBACXn_0yNx32rbqAw99gkYW6DgLjrBsxxUXbSvtlIrgYilVP0Olw60pvV7A_ey3BrqsdolEs-5r4rBkPZQ98LL32J9HrvWgYwNEuyLy9-Q7VJuqb28Wbp0o8YpAEjAKbnjFfwTUsr7-IOx-0rtjb-Q8qPiXsigs0T-zuV-0kOMo1LZ6IHbB0d1xImFfr12tLP84P988cTM74RQ-9x3qRN93Hgj-6sxuyRXZcCI3adNyKZdX7BVxPPn7PCppcrjiqF1GQZ48kDW-xhm_5M-cE1bWnkqqfqn4uWVXoPM2HjmcnbBUw82Je07Kfb4fa3hawa7pY2AuJBycY3-aWVEAP_IeKbDTqnznodmZxRWybyVtBhdQJ76YeMculgSHJjuXcsXWz6l73kdYc7MIUymE6QRkShl_mUzjjX8f0rGeN5FyF1r-ghhDyPDNceNyOB7gvlrmrCL7MvV4VBa3AsP370wJk7RkeE1f6v8Q7Eyh0TR3LXC2BMw_BLCj-q5ac0vE2VKFXUJP9uzldV0pFSFwJvVwFDynJM7Xzgbx8qCSUX5j8CLIyw2h1pgsITTv3-rH9sPLakvlRUmMt3-Lc-xd4KrG89dYQ1PzgrBddPHgEhgJAknen6XY9GtjYHv-wbk93bwzy7NlfKepwR-4i--XoP48FCYAgWjsMWxH9Vk6cgXf1Sg3_pR_4Tu4FluItgqmSl4i1JxICRzIHMbKUSOKe6NxVbfXQzCCCLwjeWphQxLEleeOQR3RXhFPt1_DU4myS3D0FRzNzpUzYrXrDJNW1rK3BFmGeMtphye3Zad79KbaEo25wLoq6SnKT6VoVrq5T6uRstIwVutuLyB4c69ZpMpxc5LPMP7xQNyj5YIFdQL1o6OvfB08ALPv_80C5kIICDx5Sf9QB5d5CuYiPE52-0IZthEz-e3ZZg0OrW8qaKb_zpf0uKA8MlQNdF8vlSs-tzazhBSKYDnA&sai=AMfl-YSBqzU6Ciy8QMvzyPcZwQhKo50ElGyGdkBbmUevIK_QPt63wVvuTApi7ze1P6hqTghRv0TmCHuGQmXp-qyuUVyS6J-XvZE--gOiDDi2I1hqG6D1-wYR1r1SYpa7XvYzibUAhZQ95EYROgCBeHNwnfBcckljaDOZu7bOZ7xoiQGI44SL1kSrc2TiQUK44t6RAW7fGkq_t3UhpksPVkfUcRuCKWejRPYDHnLb2W_ZzwyvR2L8rVG2yig11xZ0t8aKq1tQMQp_C5k5OyOtaRe1jF57ZC3TRrzTrbc69vs1Ks3AbrsOC-Hwbp6oYXluhjE-Yh0AOTuZWjxNNfsNjK3KRUtoJPYyHkE436dGePa2gMUA9dY88PsxyljVMGw1eL0BmxNNLdmTSmorYrs_NM3yv3LdKJ9whQiqeNA1yqU&sig=Cg0ArKJSzDpcAKgLK218EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9pc2NoZ2wuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=40&vt=11&dtpt=39&dett=2&cstd=0&cisv=r20240122.24204&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FB10 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 115174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:49:12 GMT
expires: Wed, 22 Jan 2025 21:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DCB7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf5c2fd2d530fb1443579c5ce45f5fa4ab42457a8f00f7cde25c4ae379f7968

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D8F3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bfc998fae25d8fec41f03c73edc18416215658a004be9145a1b2daddcbbb7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6EA2 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: goheels.com
URL: https://goheels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 115174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:49:12 GMT
expires: Wed, 22 Jan 2025 21:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame FB10 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:12 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EA2 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 23:30:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB10 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRXqGPfaxZbCvM8qU7_UPx-6O6AQAAAAAOAHgBAI&bg=!GhmlGVbNAAZVxkGXdcY7ADQBe5WfOG3LVqr4Dc2EZSwnKaVENxWmvt7xvuKl-tpwiUBo-pcNO3Qtm_HKnyoTPkXIzZxjAgAAAElSAAAAAWgBBwoAKu21gkr-Hr_-htzR0vPwOt-YnwbBgY5WcevdZd5sRH020WBDoyigs3ra0ZkDBnQVrcGh3C-PvJZE5Ng5aAT_qbcHFAobVmbH5-DdHUN5zVEZf06i1kzAcTQeS1oEpVeSdObzDEzkRoDfl12mQsbGIvPhN1WMFEt7q92djEzEoxoJ0HyOPctPkkEk1VDTXZ8zaSxnTw1aRSweTdB5s6lXIBCrMpD6Mav3FaOF6gnMEFackYmcE3FcgnI8it4TkqpKPYKas6P6C7sx8g1Sog0p4bJjYUfpi5YXrBdLYBwuGC76_CvWAxau3lQj59AO6iOH3CZulcUgyTL10iTBJakhU0_YabWqzQrofO1hWSDH-CrOk1fcU2_ceGWWSByQEO2-Y-Tv16qFK_2KdLVaiYUfP_8vYE85GXgbCTS4EIlcIP3uEwL7TBo4HVyLHNvyKwvyqWt_yJE9UfUZCVM4tOSnn_NfzENuH05GQ9YXVhOq4B_uxx79oaQzXF9g2WWqnFd8Xi-Dl90rx2QsZGbETqUf4elo9mXNyz9oSdCcbUi7Xukng6KVhyOdMB7-y9w7liZjvqNoPKmR_Vr6SMQPTcWoCYp18XJZE01LW57v6a7lm2LTytF4dGdZeahXa_JhazO9LkfLA8m6GAVDCNv7BdpsRXYsO04STOva44PVQqf7Tv-cneNFaY2rNKuft8ArqItObNBAgt_V-EFM6MFZg--KpKqf3QOR05yWW_6A7ym1OiAkhtSFF79__zhVhP4xmcX0qYE2Eus__xDg04VjKtfuECgT_PCl_dpXlI9zvCviMcLkbV05PbAwNyCfaNI7_nh7saC71PKBZUnA3mhZtrZ9VffJUceLKUT2qjcNPTcnY6316dbb5LxCoezc7EvsIJtejArQh_knOrDggSUvJ60mkX8gVeinj2uYXVMUO8M6wKkBE6g_LypcYDi9CT0kKzjxWmP6oNq10S9eAwvhnbZHnyiCz-tMQCuiKLYFIeX0H69BZDvIn6astHBCgxc5xko_xNKliTAA1XXdrRBPcgz_BXLnoXVnNs_XebAFz0FrDaJ3xOzC4c4Qy-tdWSNEHKHPsyfNjQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EA2 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRQaUPfaxZfPPL-uN7_UP9cK_yAcAAAAAOAHgBAI&bg=!19Sl1JvNAAa8BdJLnAU7ADQBe5WfOPvNSET7TiK-QhXVyseGt0T4I40anFs5kgMIncEgLEjgw0xdJG03P4eGK-KPgwASAgAAAEBSAAAAAWgBB5kDDHfVCI11AePKYaO8G9pE-Nja7ShJCc53GPBQuKv80ONsjq0OqzKM4FRmv_C-0rJtdW0PP2O5cASsDwHKWPq7gXztY6oJPY_i2oUCL15zDYmi2bFPbYv0Y0N3QHf5AgOKTqUTcPG35rbXLjqJEzzYGRX7fjzF83aYU9h77Kfm7tv_Eqhlv4NKwyZlLbUvEmtud2nuv8htTXVMErjMHsQ3fCDsQBKDkaK8NawB31zS8jYYezZu9STN1bx8bASN_R2RWCJuILbZ5_zIm0Ifi8wc8_NSa2wXOOq8Ji_e1F1S0YHSzRX1tHsAEiCCaq5x_SU_rg1gxT8nsg6lGcZaAYnYAW5Avk2lFGczbvULILs8wuM1dHyikSHV_hcEvGP2wgBhct1WDeeV-iPpqkEf9t_uxO-of9awXu6dR0IcxYP41lNBmcj6rOBg5rozcjdpg7odU4O-Gzve8oymgYz8XV5m3dDj-SpdT7nu9Buo5R0Uk4WwRhwqfACjldAV4LVI5OmsJZ8e9ipTrqmS9HvT2Zm_CegJJVy6gweQyyM69NjOO9GqjCG9C8BTADRsVpwVYYOBKtAlxkWLyPF2RDBxt4CyvJhvrN7y4eyvPUPKM7z3EFyQ6uv0_b09dWTPacB-8mnr3_r8m_BEjFOWdtv8MdTb2vQIb_6AjXjDI9cnV8SeKk5oWR5JzrnjxoJ-piXdsIea9pw5Sksv76rhzzUK44FCdlqsnJFT0wMZBSaZ2ZeyeIT0h9yeMTgw2g1mwFSbwbEHVZBfM7KEn9yXDzypainZFdnAUziHcw6FPxIpwz5JU_KByI0l5afoB5mIaFSOqi4-EJJvr6oP-obT6ccxZeyEv5iv4qPpZFDCcuoPLB2shHTAjYt_6TSJLWXte5xeGOaev8tDVYsK5Sc0Uddllr8hb8GT3rUkAmLFPa7Y5zIZBOajupoimDS2smKKcz41uqJjuwWJIM-43TZSZn0VySBupTiMtw8qNprV4v3AN4s7Eo1scRsjq5zYWT08tNq23iG7W9GLUqbxMlwKtzvJXw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4284 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4LPXvuo7zcPS1kjckbBu5AcxwOOtnLQmRqXidLsGvTVCSoNanTSKolM-j8qf5mwFLWTh7Y3U9_fpsAscf4Jy-e1_fsgvT4ZqDEyv8fgF2iNxj_g9LnA2WpvnZsAsrdJdqT9LwhjP3ZNvjsKyPC6dn_A&sig=Cg0ArKJSzKlYhrHlMHC9EAE&id=lidar2&mcvt=1000&p=219,1370,269,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1574668483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170616172500&rst=1706161725733&rpt=105&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sidearm-icons-social.svg
goheels.com/ 22 KB
10 KB 125ms
125ms Other
image/svg+xml 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/sidearm-icons-social.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

bbb8b9f5fc594127d8fe002c55a30fec474a401c7547fcb64b24052e5deb6474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:48:48 GMT
strict-transport-security: max-age=15724800
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 18:02:57 GMT
etag: W/"58d4-18d1370d068"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536

GET
H2 200 ad_counter.aspx Show response
goheels.com/services/ 0
337 B 151ms
151ms XHR
text/html 18.119.68.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://goheels.com/services/ad_counter.aspx?ad_id=1156,1157,1158,1159

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.119.68.163 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-68-163.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
tenant: unc

Response headers

date: Thu, 25 Jan 2024 05:48:48 GMT
strict-transport-security: max-age=0;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-cache-status: HIT
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,tenant,x-sidearm-auth
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 social.svg
dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/ 20 KB
20 KB 7ms
7ms Image
image/svg+xml 108.138.24.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dxbhsrqyrr690.cloudfront.net/sidearm.nextgen.sites/unc.sidearmsports.com/images/sng_2023/social.svg
Requested by: Host: goheels.com
URL: https://goheels.com/assets/Home-ad2d1e47.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-192.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f18d6f7a9160dab0295379f09e56d5626507878d9d0d3d90359597d8c1d4162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goheels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:59:32 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 17:56:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 74957
x-amz-meta-cb-modifiedtime: Tue, 15 Aug 2023 17:54:27 GMT
etag: "8e028d9d9bbcad61fcfd7795d07db953"
vary: Origin
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 20013
x-amz-cf-id: p0chPMEAu87EHltyNWMMssbz9qcrhWH0b9jA-Sp4E18Px9ZZ_cmiFg==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 16ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=45je41m0v882570456&_p=1706161723231&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1970315308.1706161724&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1706161724&sct=1&seg=0&dl=https%3A%2F%2Fgoheels.com%2F&dt=University%20of%20North%20Carolina%20Athletics%20-%20Official%20Athletics%20Website&_s=4&tfd=8694
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/30fbff84-b0e3-4e26-9084-0b5158fdb1ed/airgap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://goheels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 05:48:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goheels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnfuMH-XUIRHLtCvmM_FzjbphqEzrLlWpF69wat0JppZWUuXOriNNKBVwAp99qlBQROu6mE-SZi9xYnG0qGgsAOvCuxfWQMKWtRsMAGRfe66BjeYngLDZVRpdSXx153qiCHlX5jZ3nDFpal7xgJo948Le9&sai=AMfl-YQ5qYKZYp5JFS0W9URX6il6DQYBvoIQ7-EgJ5NbdsZKwCW1F42rA3D8NZu0GDZtcDxSwmRKugGv5lbTWuszjIfYGw9qJaQPRyC3PtLO4fnnHy9TFZVvUfSlU-HC&sig=Cg0ArKJSzHwowKQo-62nEAE&cid=CAQSPAAvHhf_oSvzRxmzya3M6THlqNUrFYCZMMd0nT_vvOtHuvjNFjJpoYr6WrbwPNE8eUHaKyAwfV_zvE393hgB&id=lidartos&mcvt=1197&p=291,103,541,403&mtos=1197,1197,1197,1197,1197&tos=1197,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2274927268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=170616172401&rst=1706161724076&rpt=270&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

292 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goheels.com/	1970-01-20 18:06:06	Name: sharedid Value: 5a4e5516-d5af-4d75-b46f-831da2848787
.goheels.com/	1970-01-20 18:06:06	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
goheels.com/	1970-01-20 17:56:05	Name: _lr_retry_request Value: true
goheels.com/	1970-01-20 18:39:13	Name: _lr_env_src_ats Value: false
goheels.com/	1970-01-20 17:57:28	Name: _lr_geo_location Value: DE
.doubleclick.net/	1970-01-21 03:17:37	Name: IDE Value: AHWqTUm0pDtMULd3AEmuBlq8NyVTkwbWXcoJosD8ehVxnvi8CV_n4kRHrb_KUNwfXCI
.goheels.com/	1970-01-21 03:17:37	Name: __gads Value: ID=5d03bff7ffc8bc3c:T=1706161723:RT=1706161723:S=ALNI_Mau4b7S1Al9ARWPWDtGJmrEHs5Pcw
.goheels.com/	1970-01-21 03:17:37	Name: __gpi Value: UID=00000d49680283d7:T=1706161723:RT=1706161723:S=ALNI_MY0TXSFsPHfy0vjS9N9GP9E1YJC-w
.doubleclick.net/	1970-01-20 22:15:13	Name: receive-cookie-deprecation Value: 1
.goheels.com/	1970-01-20 17:57:28	Name: _gid Value: GA1.2.1345073887.1706161726
.goheels.com/	1970-01-20 17:56:01	Name: _gat_UA-180696617-1 Value: 1
.goheels.com/	1970-01-20 17:56:01	Name: _gat_UA-180624321-5 Value: 1
.goheels.com/	1970-01-21 03:32:01	Name: _ga_3GKT4Y4BLP Value: GS1.1.1706161726.1.0.1706161726.60.0.0
.goheels.com/	1970-01-21 03:32:01	Name: _ga Value: GA1.1.1970315308.1706161724
.goheels.com/	1970-01-21 03:32:01	Name: _ga_Y29PC3P5S9 Value: GS1.1.1706161724.1.0.1706161726.58.0.0
.goheels.com/	1970-01-21 03:27:42	Name: ELOQUA Value: GUID=7F01980172C242B5AB9BB8DB99656077

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://goheels.com/(Line 14) Message: <link rel=preload> must have a valid `as` value
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13773 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://goheels.com/js/prebid-ads.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67146ce7333aac932d331848d88398e9.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad.doubleclick.net
ams-depr-public.s3.amazonaws.com
ams-pageview-public.s3.amazonaws.com
api.rlcdn.com
ats.rlcdn.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.transcend.io
config.aps.amazon-adsystem.com
d141rwalb2fvgk.cloudfront.net
dxbhsrqyrr690.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
goheels.com
googleads.g.doubleclick.net
htlbid.com
id.hadron.ad.gt
id5-sync.com
images.sidearmdev.com
img.en25.com
lb.eu-1-id5-sync.com
pagead2.googlesyndication.com
prod.tahoe-analytics.publishers.advertising.a2z.com
protected-by.clarium.io
region1.analytics.google.com
s0.2mdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.goheels.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
108.138.24.192
108.138.24.43
108.138.6.136
13.32.27.51
13.32.99.59
142.250.184.198
147.154.54.13
162.19.138.117
162.19.138.118
18.119.68.163
18.245.31.66
18.245.31.9
18.245.47.29
18.66.122.103
2.23.78.67
2001:4860:4802:34::36
23.37.51.81
2600:9000:2250:ca00:2:8531:afc0:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:4400::6812:2b5a
2a00:1450:4001:802::2001
2a00:1450:4001:806::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
3.5.29.82
34.120.133.55
44.233.137.117
52.217.125.65
54.246.229.145
63.32.16.169
65.9.66.68
000e1bf3ba7d2fd1c62c78bab355c6100c90bdb2b6cea8140d1f11f7c95487a1
00aa337e1fde97ba7e3daf1853861e8772996260d2981c841de5f73aa7ce8242
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d2937de169a8b14f8193d04c840c429422d0f6dbe22d04ed914b44c1c661ecc
0e9285565c848a5860309fa95c7ebd839b1bba972bd2ad341e097cb28708cd75
10b13a63930ea4f9c9577c2a5ff193c37a1b01211ea64066fe66d69aa3ed88fb
13da52d79bfea60a55c894edb352805dac9a129013ee658392965220f567cac4
15d481d96ccaa722f5f7b3036367a95e9d70a52d862884cafae5f78ba92b1315
16070eb3c98c0e3c3df709cbb09bd0eb647919d6bbea8277c3cca3d0f3816f4e
16f5140188dc1cb49e950960d3adebe5ca1fd605a6862a94abf751ed8d8a8229
18684dbf1716096c79fb6ab18fed529bb4387c01eb6c4e445b648ed8386d650e
19a036fedd1efc1a6ffec324d0afb65a1f98e0723411038f06b0e69084c460cc
19bfc998fae25d8fec41f03c73edc18416215658a004be9145a1b2daddcbbb7e
1aee1561b2b5cad353c79df63ae0504b3923c6a999228eebb8e888e37478b691
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1befe40b23ba785edb25b3bb76ebc69edd443b1e61a412bbdefb68b4063777f5
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c5e3bd5182f40a40b6f2b72b40473f3a871cfcdfd8eb2948a0350adc5cf8e20
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f18d6f7a9160dab0295379f09e56d5626507878d9d0d3d90359597d8c1d4162
1f597bb435c56e101a33d6b0589102c5216b67006df57bc86c42035aac1ff85f
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21720e2f91c5c7bf7e33a21866c37cb57396fff99c0778c8fa4df542c63a9876
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
2241e094e5b94af857260c5e75866c0fe49dc78c63e8f18ffd1fbd61c061b6f6
2305918a800c40736cb993c3a6141f091fcdb2bfceb1235286986cd2d199e002
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
25f5efa3c86cb727fb7fba576d382fca21c54adffc0189a81f25bba8ae6a5560
26118e9fb6846a279299fed4247f25e3a3ae921c69f792272ba7f8bbd9086f08
26334c349db9af44eec7d43ca59f7fabc098b8b1a750041db959a366ee1d9950
26c5fbc447e412dc954495805fc5cae468610cf581a33cfae3b8a7f1f6dbd9d5
299363f8bd010b882bc4a4530bc911dfa341bbd28f5b63dd69d9d4cf5b9d89be
2adc62720097d13e065c3164cf9789be6bd4a8fd82e86cd95a4c2e1a82fe6beb
2aff4ebb3e4255e9bc4dd4eb368a7029bdeb91961fbf983b82f031b968ca905e
2c503a65bd474615a3de69259929ab2c3a71cfeeeecb73387844406a0a3f6d37
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
376fd69516b79397b81bb32aec73d750807098515ba035eaaa1614500e245122
378f2591d4076b199d8c173dd354f9775cc7ed986086db7056bcd6b5d742ca1e
37f74cff2d44658ef8c0c1d779627fcc0f60998cff2c4df9edb6e2965c67e936
3850b192ebac3c91f692946ba196721fec831d7d6f66dd1d7bd83e7a3a22ba46
38ad3ab1ba4d2e118786a6d94e43fdda6e21dd906c3732d9bce6d48b1f509057
398610b925e3f1c7bc6719be70e513c745bf9c976a39d65176532157a83b10ab
39e789f2cc73f811f3a0a9246ea9f45ef2db06993c56ca700c72ef747906ac65
3a98f00d08ba7b3f50f1b25ccbc9ea4e8399a445476ba1c8d89e17ca6f9f6597
3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7
3ccb0d213449b1128d0febff39cec802b5b6cf803e097c1356b0a41cd2ece474
3d8c79ebdea546edefa4fb60d5a18dd6214fd12652cfc82f82b2c437b4f0eaa7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e35744549a6577392c045ed9a66cc577cb47cddc42b4dcf6df932ea58691f5f
3f5aeb5b3fcdc65cd0be6b7c92c90c3463099d05f9560e059a3d0681fa363529
3f7aca346efd8183a690b3af905aadbe8a8d8fe064a7b949cd3f5b3c1360b4e5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ca28568b27f36e9e2c60aa394d02a96d4388aa4297afce264c8184f0751c7f9
4f189adefe2d93c9e2a696025a78cb29e4dc4da578617387cc263233401be773
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50ce774ca57bbab7b2b578870e9fedddeac15ee141f9aefa3d3c01896168476e
53516d40a458c72846fc1c1cd2bb73bac2977bdb5b46b78cffcce3585fa10005
536caf4721626844221cf8800eed2ab1e907a3334b83aeb5bcaa2a00ffda1a0e
53b0b0b467481bcb3cb843f707c990e158aaf4c07f0b88018b109133cfb6ec46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56323dab17575f653889b430af9022d72ba38a3994c02de96f0031ebf61f0a14
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5908e50548d392c2fc3a5a2800a1f1fb9449dea3ac5dfdce30d516fa3a9a4b5a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5f0589fba9575ad30b009e42b87a962b4e9f8ae9bfa9d88b38ed6d945e3f95b8
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
60d5a0a66007f36ff4bb86267d49e6865f664822367a73770b39551e5cd04803
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6345670ae2e15b60b94e5fe1e0000f40cec730434566acabaf5bb586c89cc8e6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64bb56a1318223b54a9665804bcafac13b9c3119a154097bac737edf06814cb3
655d70a2e61a0b944bf95f7e15ff5574b5b2f62ca09a65efa25b398aabb4821f
6838b8d3c9fcd51d0b3bc7d0154c382df782c7ac68d0cd7e642de17a8806bb2d
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6cd9fd2c2b5dff8c51c5dd9f4060a60f5904997c322f790578186bada5627df0
6fa4095867a7f2f36b7ed5b7dbdf8fa26642bf56372f1420bb014e95e11d5949
70ba56e45f4c152892a71ab1f8b7be6b9b209656ceb88bdd75b0371fa8f36813
7300c6887a83738ac31c0dfd6df292b2f14c552ef7379cdd8eaf3a01c1d2976d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754c004f98154ac7f3358598233ed72931fe6a7529192e5c5ef7b415a8a44a55
769825b307079c4f2a7b2702418d6f970fcdeb476229601428b8567264fec23d
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7798cd5dcf1c85123ff84a7aef53cf84db9e00c54500a567a5131921eda1eb26
783d728b3b12b0e567a3fe176f6611ed0f0fa784e0012e5d649b8e8a19598cfb
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78cb9c9d88a526a6e5952f06a7718c53359a0f8bc1bdc1de2940d4662a344c8d
795c798eb2867fd8f930bf0000d1cdb42b3b6f7478145dc0bf4423f9ce05cffd
7be64fb4ca2a84a43c85eb4c8d414027b24259ca4fdc2abf1e03cac18e2ec589
7c974496bada53ca3d4cf94b10be9c8e5ebc81df8d2f885eda1bdf77db838899
808cf2f35a92b5b2b00865a88a0baf26e093a9150227109ebc16f693dbb94621
80cd1ce5e4cbd996022f7d4b29b93a0c15477468c63f8ffeb4a17e12a00f8c4c
82dc955429a3a9cc249280f8b3892ee3b01e0d5f5067c3fe4b9f3e1126531492
832541a7cac9717c3dea0d1504f3fc958ae3b4f1e80e0b0fd2d408e3d7639698
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b9249d882d73c9e62dd99cac341519a35cbb1b4395547427f0a1bbb2444797
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8e7198036fd4d8ad94f64c7fefd2d3178b00c2bd93b165640bfe271a1a79e184
8e741985501bcd867706c40668d44b5100be12880a23dc6275888aa92d335211
90ffa440ba4b53877c1531667d26b31f5d30481400f45cba900caea2a60dd243
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
95a93b7a615ebff57160e391c4de593ade61f029fc3837a579dd149c019bdc1b
95ba8504cf87f0dc87f082300057b35c96c1c10054221c7955f9feed24f40f05
9604588db7fd07d44bb9512b7aaa95a4ccfc0126ae0d789387adc23b6ee4020f
97a80e42aec4074a8e8f6f1a224618e006b89d9b8b2ec8ced34d8e43fbb78dfb
9a4aa63abb59bdec7bc4ddfdba7d97b1ec9ef88fe5ac894e8871927a118e55ac
9a54b02e92985bf1cb337e66353b56455704fa934793616be08e6cd1c5815eff
9b63260cbcdf230ed573848c73e482fda5c05f8b8327a2b1fac8862a776b48c9
a155388591e9c5456b1724d2ece6592b3ca6ea3d5524bfa1f2c1f01edcfe7623
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a327f39e40209aee900ef0744926566b04efefa5c01632857a178aa0366130bd
a32e59f21f5d8f5980210586d7d5c99f2daf35be822dfe37cfd3f3b69ef08a7f
a3b898bf4abbc4bb1aa4de1154b5c1d2484d909f60052a195c894f7dfbdf0e6c
a45c4c421915de7c8f195e44addf1e3caa9de522c9b7fc2efe9d7ee582a3c376
a45e550d3f37b810ed85f6d8524a9a5a96e46cafbd62f0f000287d11c215ed30
a5881b896852164959f995bc8d783ef7221b3dbe285df406161354f2e7a214e6
a6f3442fdbc8dab3bcb37167ceaf7d311b2b4b2aaafc163518812005efe67d07
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
abf5d3424408d60f2a3ac56719d7fd820ab4d0292ce8f311ab9e29b69c158334
ac57960745679a12a644260885867e06cd3d28f0051e4494f138ba961b86a4b1
ac8ec8e55ae34fff05c016937f29bb8a46f1daaa199098a7466d3c4e45863b0c
ace4ed400d26a0697f7412924a7472123e326e66eb08b1b340a92931d63629d4
ad2d1e4762e5f376ef80755fe49d1673b9ca82e4a78b2081bf30cbee814acdc6
ad9be77bea2700a647294d68087ad74bab427dd723526a0345985b150c8f8b7f
ae2600337c11762e90e9ca5c1aba65f28d628112a987e7fd4cc6a7553e63dbf5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b24d09378d1a41112a05ecbb4d5a6e065db1614d54bed17633dea72c2c73950c
b2d08053e4a0bdce655ea4aea231df84a4fca7f6bc44c188a6bfa338012ffef1
b5664b7fd8f0be326a4ff5c91e3c23e189c198af51caa070dc93a749f0fc209b
b75da130700a81088f31bf0322e5738ddace83fd6c37cf3738af9e1eb43812dc
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbb8b9f5fc594127d8fe002c55a30fec474a401c7547fcb64b24052e5deb6474
bbfa8686291c557b01d6bb51a30370f3e213c68968498457c1c448e773c6a933
bc55125206dde9aa6d9b60ba54d8cadd6187eb12840c12ecadd8243fe5be75cb
bf6934abae6580154ec8357269f87a9dafb047407f7b8ad6c9e511b2cb4ae15f
c29a000d030e080bc66b95a3311c17e8ef23382bf8427daf9f7cfdadfd923a5e
c445f08766d9ad73e73e540b2f74cdeaf3837da1933db1433d33944c670678c4
c4b1101eab6487d75d0ce1b1ec78628ed586edc7065a32adc0b0a51554600a00
c57e962e6657bb1137ac70519ab3e4f36eb96b9888f876fd8f96707e0c1ee3af
cb55f4393be5eedcac5b8c55378cb2f2ec821b8811e73c49156e1a99e4733294
cb9f1be84145af4e22503705cf3821b426a0b4cb833c3a41c8dadb2e681592f9
ccbcbee8ec8b08de3054feb1b45d202ea5d17f5cd5cf9844f78c842c73f8e733
ce8c9ccdc473d7b04bbbb69f3ddf561c234278ca3984d0de4ac1596cad0c0203
d10c8ef98e5eab49585e8bc3707663375d0f8453b598d6f8ab63d093ff0b8132
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d4a162492eca0a9563167750e059e166fede6966f1a64a8e9d1ab9f9e3545711
d53cea4605d5a4cb4ef7b3a14e46aff8b35883be25c7acd0bcecb35d4242bedb
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6f6c1dedd964b7bf8865c988e2daabc54e99b5b376f51efc37fa8fd6ac0328c
dac605bdaa0279febb4e4a9df2ba16289b31409b9d39c221735e17412cefd3c3
dbf5c2fd2d530fb1443579c5ce45f5fa4ab42457a8f00f7cde25c4ae379f7968
dd568d1f82716403dbe81012d88bdec6c2b312aa901b924bfd4c211f20c95865
ddcb17946e1cf33e88cc46cdaaa8fcfdf82a03cbeb867cc94bf3b562d8fd35b6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dede50166779e3449c746479645df8fda29b6a3ce126d071265db4d8c0c083a0
e0b464d91fcd1e4748cdd7c9aad2a3e13732c24357e82d15114593a3f4612e0a
e194515c6e97847497ad64f11aaf0df0faefe004814a4d9a740d849023cc68ed
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e39ced543e4d68d8501e978ff8fd46dc03dced3944e5ec24194b3f08a52ccb3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e572ba9a4d65eb04eca8f7fb3aff1033dc98379dbee8a11b36be0b25f7c3bb7b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8a08f092d451e222bc83e53a54bcfc3f09630b2694a11068bf6c7826ce297b6
ea741faa0039e713f7a8bfb5f8be5f871db81baf7dbe63e5776f221eacce41f5
eb05ab9444118abaa6b2b93767511d8275ef87a41c509860978dc19aece4b91e
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecc5ab56e479db69f2ba8ab0dc41ff684f908ae31b2c42f627e6832d9d261371
ece25bdb66e5d2846cf2a445514299d182ba4fe16db253160f33133d932b9739
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f1fe6f6f4ed966740c864a15a49b25c685de11f6f0abf57ae88b088dfa5710f8
f23accbab6f9de0a2e01025f05fc3f1343518da8e83d2b844d6430dace54b2f2
f7a47084a50538b4887a35323a2fbc3422b69de4f702ad35206849b308c55c32
f8517dc4ecdbfc27a5b5b1608220bba2b1b3716afdbd652f7cc449dedd535246
fa24a9c3d60e385befb8a15808b7064c8dfbea342abf4fc8d63a14f18d30c024
fac269511c17b0f4631c3a1ee5bf5febf572f4316c2918e05beca7b1c225d31c
fdbe6370e0acd557ed6dfc1e8c435859be32d380776ec35081b7e923060954b1

goheels.com Open in urlscan Pro 18.119.68.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

300 Requests

94 %HTTPS

48 %IPv6

29 Domains

45 Subdomains

44 IPs

4 Countries

32139 kBTransfer

39866 kBSize

16 Cookies

106 Outgoing links

Page URL History

Redirected requests

300 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goheels.com Open in urlscan Pro
18.119.68.163 Public Scan

Screenshot
Live screenshot

Full Image

300
Requests

94 %
HTTPS

48 %
IPv6

29
Domains

45
Subdomains

44
IPs

4
Countries

32139 kB
Transfer

39866 kB
Size

16
Cookies

300 HTTP transactions
7 data transactions