d2hehf2dmadudj.cloudfront.net
2600:9000:2057:d000:19:5e3:41c0:93a1  Public Scan

Submitted URL: http://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&so...
Effective URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&so...
Submission: On October 20 via api from SA — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2600:9000:2057:d000:19:5e3:41c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d2hehf2dmadudj.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 8th 2022. Valid for: a year.
This is the only time d2hehf2dmadudj.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | cloudfront.net | d2hehf2dmadudj.cloudfront.net | 126 KB
4 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 116 | 278 B
4 | google.com | region1.analytics.google.com — Cisco Umbrella Rank: 2714; www.google.com — Cisco Umbrella Rank: 2 | 753 B
4 | crazyegg.com | script.crazyegg.com — Cisco Umbrella Rank: 2609 | 35 KB
4 | azurefd.net | storagebeincom.azurefd.net | 2 MB
3 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 98 | 475 B
3 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 187 | 125 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 42 | 21 KB
2 | google.de | www.google.de — Cisco Umbrella Rank: 6147 | 515 B
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 56 | 193 KB
1 | bein.com | assets.bein.com — Cisco Umbrella Rank: 714141 | 39 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 925 | 30 KB
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 250 | 4 KB
Totals: 37 requests, 13 apex domains

Requests | Domain | Requested by
6 | d2hehf2dmadudj.cloudfront.net (1 redirects) | d2hehf2dmadudj.cloudfront.net
4 | www.facebook.com | d2hehf2dmadudj.cloudfront.net
4 | script.crazyegg.com | www.googletagmanager.com; script.crazyegg.com
4 | storagebeincom.azurefd.net | d2hehf2dmadudj.cloudfront.net
3 | stats.g.doubleclick.net | www.googletagmanager.com; www.google-analytics.com
3 | region1.analytics.google.com | www.googletagmanager.com
3 | connect.facebook.net | d2hehf2dmadudj.cloudfront.net; connect.facebook.net
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | www.google.de | d2hehf2dmadudj.cloudfront.net
2 | www.googletagmanager.com | d2hehf2dmadudj.cloudfront.net; www.googletagmanager.com
1 | www.google.com | d2hehf2dmadudj.cloudfront.net
1 | assets.bein.com | d2hehf2dmadudj.cloudfront.net
1 | code.jquery.com | d2hehf2dmadudj.cloudfront.net
1 | cdnjs.cloudflare.com | d2hehf2dmadudj.cloudfront.net
Totals: 37 requests, 14 domains

This site contains links to these domains.

Domain
www.bein.com

Subject | Issuer | Validity | Valid
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.azurefd.net | Microsoft Azure TLS Issuing CA 06 | 2023-08-22 - 2024-06-27 | 10 months
*.bein.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-25 - 2024-01-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-29 - 2023-10-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months
www.google.de | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-28 - 2023-12-21 | 3 months

This page contains 1 frames:

Primary Page: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Frame ID: 6498A0A684AD0DC57C44C5D84CFC4EE2
Requests: 37 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 100 %
Domains: 13
Subdomains: 14
IPs: 14
Countries: 3
Transfer: 2575 kB
Size: 3630 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz HTTP 301
    https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d2hehf2dmadudj.cloudfront.net/ar/leagues23/
Redirect Chain
  • http://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
  • https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
32 KB
8 KB
Document
General
Full URL
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d000:19:5e3:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b8bb6a2580c3b101891c5be5a30527dde76826a3179d9ef8335e2aa3b326f42d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
366602
cache-control
public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 08:25:30 GMT
expires
Mon, 16 Oct 2023 08:26:40 GMT
link
<https://www.bein.com/ar/wp-json/>; rel="https://api.w.org/" <https://www.bein.com/ar/wp-json/wp/v2/pages/86591>; rel="alternate"; type="application/json" <https://www.bein.com/ar/?p=86591>; rel=shortlink
strict-transport-security
max-age=631138519, max-age=15768000
vary
Accept-Encoding
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id
2rqFvMzKTjguu9Dl8gv1g9zFasbK60TPqjEn1D4DUzyQMShI-HVUew==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-cache-hits
6
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Fri, 20 Oct 2023 14:11:43 GMT
Location
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Server
CloudFront
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4hqMngVCJXlDgt_ieWK7HPK6SQiXqmYIVgLKrY8DjfK8l9SmT7ATTA==
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Redirect from cloudfront
bootstrap.min.css
d2hehf2dmadudj.cloudfront.net/en/wp-content/themes/getbein/css/
114 KB
19 KB
Stylesheet
General
Full URL
https://d2hehf2dmadudj.cloudfront.net/en/wp-content/themes/getbein/css/bootstrap.min.css
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d000:19:5e3:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8b6b862c423f3f2286ca9d5bd4c021433eb766fc04c14ca8b79a8b5e4f4eb255
Security Headers
Name Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
18
date
Fri, 20 Oct 2023 14:11:43 GMT
strict-transport-security
max-age=631138519, max-age=15768000
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
26
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 04 Oct 2023 05:24:52 GMT
etag
W/"1c9a2-606dd3a1738f1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public
x-amz-cf-id
q2W3vsI0KqPwXFbYtYkiatYC3tdPXUacJ3Av7iDQasjS0fph476XMQ==
expires
Fri, 20 Oct 2023 14:16:16 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11473502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3555
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-5644"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACOk8e8RB5QUIEsI0DDPXyLHJ%2FfbD69gukX6qUDVcwUVnVBYFibw%2BSKG0AiOlJGnP7AZO7PzFGJQenS5qpZgU%2FJlumgv5LUqNMK%2BUEpNlvw0Coz%2B7YksJAnNPRxOBcgaJGm3qXZ6%2FvqS4E62cc0kFH8s"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8191da032c659b70-FRA
expires
Wed, 09 Oct 2024 14:11:43 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2573003
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230029-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1697811103.215245,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 1388637
bootstrap.min.js
d2hehf2dmadudj.cloudfront.net/ar/wp-content/themes/getbein/js/
35 KB
10 KB
Script
General
Full URL
https://d2hehf2dmadudj.cloudfront.net/ar/wp-content/themes/getbein/js/bootstrap.min.js
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d000:19:5e3:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9a61a325508cd509f23cd31043b878957281f0a3603d8e7d40758c4a7c489d5a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
119
date
Fri, 20 Oct 2023 14:11:43 GMT
strict-transport-security
max-age=631138519, max-age=15768000
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
200
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 04 Oct 2023 05:24:53 GMT
etag
W/"8a82-606dd3a26b1ef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public
x-amz-cf-id
p3sdhO5JGCCEIc554i-VigQEf5-qqmtfqTUHgwA7wSzWI2dZO7D96g==
expires
Fri, 20 Oct 2023 14:13:22 GMT
beinlogo.png
storagebeincom.azurefd.net/mena/sites/3/2015/06/
3 KB
4 KB
Image
General
Full URL
https://storagebeincom.azurefd.net/mena/sites/3/2015/06/beinlogo.png
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5cb3e20564e71dd4ecc536f6124342e402ab4d5d5bade6dd1755aeae798a5657

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 20 Oct 2023 14:11:43 GMT
last-modified
Tue, 16 May 2023 08:01:41 GMT
x-ms-blob-committed-block-count
1
etag
0x8DB55E3C8AAADC9
vary
Origin
x-azure-ref
20231020T141143Z-huerqu821518rc1e9b5wpfmnsn00000000n000000000q117
content-type
image/png
x-ms-request-id
6a6d8529-601e-0048-2ac4-010371000000
cache-control
public, max-age=604800
x-cache
TCP_HIT
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
3230
comp-clear-2023-10.jpg
assets.bein.com/mena/sites/3/2015/06/
38 KB
39 KB
Image
General
Full URL
https://assets.bein.com/mena/sites/3/2015/06/comp-clear-2023-10.jpg
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9fc7e1cf6e498eaca7e1cdea1fe28c92328b6333337aa51ec1c075d91c624ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 20 Oct 2023 14:11:43 GMT
last-modified
Mon, 16 Oct 2023 08:10:19 GMT
x-ms-blob-committed-block-count
1
etag
0x8DBCE1F56BEC8F2
vary
Origin
x-azure-ref
20231020T141143Z-bn9quxg0np5f9e8ct4c44dvy8w00000003k000000002eqx6
content-type
image/jpeg
x-ms-request-id
2446dc6e-c01e-006e-200b-00684e000000
cache-control
public, max-age=604800
x-cache
TCP_HIT
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
39343
smart-card-resized.png
storagebeincom.azurefd.net/mena/sites/3/2015/06/
76 KB
76 KB
Image
General
Full URL
https://storagebeincom.azurefd.net/mena/sites/3/2015/06/smart-card-resized.png
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
75d04aaf4ba1dde16a2b9e2f31a145143baf4c8e16d543f72553f9cf0f592a88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 20 Oct 2023 14:11:43 GMT
last-modified
Thu, 10 Feb 2022 06:10:22 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9EC5C05A456A9
vary
Origin
x-azure-ref
20231020T141143Z-huerqu821518rc1e9b5wpfmnsn00000000n000000000q118
content-type
image/png
x-ms-request-id
a122e68d-401e-004a-0e40-025575000000
cache-control
public, max-age=604800
x-cache
TCP_HIT
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
77674
Group-1939.png
storagebeincom.azurefd.net/mena/sites/3/2015/06/
44 KB
45 KB
Image
General
Full URL
https://storagebeincom.azurefd.net/mena/sites/3/2015/06/Group-1939.png
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd5fdf05554c8b31775054d0e5db6c63326042cbb1ad54b60007a5066625a496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 20 Oct 2023 14:11:43 GMT
last-modified
Mon, 12 Jun 2023 09:24:10 GMT
x-ms-blob-committed-block-count
1
etag
0x8DB6B26C759B74D
vary
Origin
x-azure-ref
20231020T141143Z-huerqu821518rc1e9b5wpfmnsn00000000n000000000q119
content-type
image/png
x-ms-request-id
051f9f23-101e-0047-4966-ff8a6e000000
cache-control
public, max-age=604800
x-cache
TCP_HIT
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
45517
gtm.js
www.googletagmanager.com/
299 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSKPNP6
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05c4160b47e84f749ab009bf8f386475feaf675150fe3fc9585a5b3f6e04739c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101560
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Oct 2023 14:11:43 GMT
bts-2023-desktop-gradient-3.png
storagebeincom.azurefd.net/mena/sites/3/2015/06/
2 MB
2 MB
Image
General
Full URL
https://storagebeincom.azurefd.net/mena/sites/3/2015/06/bts-2023-desktop-gradient-3.png
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0447476d8ee97ea945ec27a81ad45b66457ee9d1a8df9b789daee1d6b19668e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Fri, 20 Oct 2023 14:11:43 GMT
last-modified
Sun, 30 Jul 2023 09:52:31 GMT
x-ms-blob-committed-block-count
1
etag
0x8DB90E2B11176F1
vary
Origin
x-azure-ref
20231020T141143Z-huerqu821518rc1e9b5wpfmnsn00000000n000000000q11d
content-type
image/png
x-ms-request-id
b51a424b-b01e-0009-25ad-02fb62000000
cache-control
public, max-age=604800
x-cache
TCP_REMOTE_HIT
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1917892
bein_arabic_normal-webfont.woff
d2hehf2dmadudj.cloudfront.net/en/wp-content/themes/getbein/fonts/typo/
44 KB
44 KB
Font
General
Full URL
https://d2hehf2dmadudj.cloudfront.net/en/wp-content/themes/getbein/fonts/typo/bein_arabic_normal-webfont.woff
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d000:19:5e3:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e8b013fe11b8d7ea72519aefa9d4d5e0d2e6bba59daacee9a69b6f9e2cd75505
Security Headers
Name Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Origin
https://d2hehf2dmadudj.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
45
date
Fri, 20 Oct 2023 14:11:43 GMT
strict-transport-security
max-age=631138519, max-age=15768000
x-content-type-options
nosniff
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
age
197
x-cache
Miss from cloudfront
content-length
44768
x-xss-protection
1; mode=block
last-modified
Wed, 04 Oct 2023 05:24:52 GMT
etag
"aee0-606dd3a1905e3"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-amz-cf-id
YHi1SvaDROkCCCnnBIvNOdUj2BYYWQ8CqmlbSzhIyAx3EFl8SYjG4w==
expires
Fri, 20 Oct 2023 14:13:26 GMT
bein_arabic_black-webfont.woff
d2hehf2dmadudj.cloudfront.net/ar/wp-content/themes/getbein/fonts/typo/
43 KB
44 KB
Font
General
Full URL
https://d2hehf2dmadudj.cloudfront.net/ar/wp-content/themes/getbein/fonts/typo/bein_arabic_black-webfont.woff
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:d000:19:5e3:41c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4070ccadef0cea683d1af7a4c39980da54ba1d7839ffcbaaf531d1044ec75e21
Security Headers
Name Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Origin
https://d2hehf2dmadudj.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
84
date
Fri, 20 Oct 2023 14:11:43 GMT
strict-transport-security
max-age=631138519, max-age=15768000
x-content-type-options
nosniff
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA6-C1
age
285
x-cache
Miss from cloudfront
content-length
44316
x-xss-protection
1; mode=block
last-modified
Wed, 04 Oct 2023 05:24:52 GMT
etag
"ad1c-606dd3a18cb4a"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-amz-cf-id
pITIto9fDEMSB-AZEcv4_H1-4c60F7J1zyBlI_GmxBuLvz8oZt6P8w==
expires
Fri, 20 Oct 2023 14:11:58 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSKPNP6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Oct 2023 13:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1321
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 20 Oct 2023 15:49:42 GMT
8056.js
script.crazyegg.com/pages/scripts/0025/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0025/8056.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSKPNP6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0d65b783f14c3bc65f9119bddfb4ae1bc4102d668d8989aee7e996f68773c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
37331
cf-polished
origSize=6011
ce-version
11.5.140
cf-bgj
minify
last-modified
Fri, 20 Oct 2023 03:49:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8191da055b968ffa-FRA
fbevents.js
connect.facebook.net/en_US/
199 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
GVTUgL2KoABO4wx1QoikRiKrLUSqkzVkw6RYKWAxn3fPb/SzkKU+KICnIVNAtk2RClivchr4bIPtcraOvx3yPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
286 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E3KSD2FS5T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSKPNP6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
469dd8c735e7178b83f8456ed374819a5d87eaef3af617110f9f9dc51ccbbb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95682
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 20 Oct 2023 14:11:43 GMT
d2hehf2dmadudj.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0025/8056/site/
7 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0025/8056/site/d2hehf2dmadudj.cloudfront.net.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/8056.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf614b40514497488d626a5f94b31656f7ae764c27380397a9d6b4fe42640e17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
35207
ce-version
11.5.140
content-length
1837
last-modified
Fri, 20 Oct 2023 04:24:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8191da05b880906d-FRA
1105393533568421
connect.facebook.net/signals/config/
140 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1105393533568421?v=2.9.135&r=stable&domain=d2hehf2dmadudj.cloudfront.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bba7225d80e5483b9dfbfa6db1be35bba4c5f4b647d8596130c052fa918a613
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36851
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
9nwp6ejZRRkqubJGO9v644vhArNVcO4F7GeAq1zz8uqO6NSpOZfJjQ/bHVaBWQN9pP/VmsVEzrHf5UoaNzY3dA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
0dfcfe1be92de2f19657f97df1f01ad2.js
script.crazyegg.com/pages/versioned/common-scripts/
91 KB
30 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/0dfcfe1be92de2f19657f97df1f01ad2.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/8056.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3fcc8aba74b07af1651ae780dfd623f9403379b1e5a70df3ead036b76e8758b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 19:55:48 GMT
server
cloudflare
age
37816
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8191da05ec238ffa-FRA
content-length
30951
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E3KSD2FS5T&gtm=45je3ai0&_p=518752987&_gaz=1&cid=231380610.1697811104&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697811103&sct=1&seg=0&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page=%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3KSD2FS5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E3KSD2FS5T&cid=231380610.1697811104&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3KSD2FS5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E3KSD2FS5T&cid=231380610.1697811104&gtm=45je3ai0&aip=1&z=1520396435
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E3KSD2FS5T&gtm=45je3ai0&_p=518752987&cid=231380610.1697811104&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1697811103&sct=1&seg=1&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&dt=&en=page_view&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3KSD2FS5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1275407429592504
connect.facebook.net/signals/config/
138 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1275407429592504?v=2.9.135&r=stable&domain=d2hehf2dmadudj.cloudfront.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdb95c506cf17ef9267a1935cdd8f63166cdaf561f59334c337e26bc67a6b586
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36622
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
EWrxBaie2QIJ9B/B8Nis/Y+2Z/oLdD/kkyZUkfcNyEAQKBFkMOpzmkArv4iZUCR4lDpYG5gCoipF9bdobrW7SA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1105393533568421&ev=PageView&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&rl=&if=false&ts=1697811103774&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.2.1697811103768.1965579362&cs_est=true&ler=empty&it=1697811103617&coo=false&rqm=GET
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
4 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=518752987&t=pageview&_s=1&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1126636311&gjid=35560697&cid=231380610.1697811104&tid=UA-66224846-2&_gid=1073443258.1697811104&_r=1&_slc=1&gtm=45He3ai0n81WSKPNP6&z=987991510
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=518752987&t=pageview&_s=1&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=3781808&gjid=195402438&cid=231380610.1697811104&tid=UA-66224846-20&_gid=1073443258.1697811104&_r=1&_slc=1&gtm=45He3ai0n81WSKPNP6&z=447049550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
d2hehf2dmadudj.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0025/8056/sampling/
376 B
280 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0025/8056/sampling/d2hehf2dmadudj.cloudfront.net.json?t=471614
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/0dfcfe1be92de2f19657f97df1f01ad2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6fdeefdca8280767bb46b45895f9a4cfc83acf13b346b055394f10c2f4d1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:11:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8165
ce-version
11.5.140
content-length
188
last-modified
Fri, 20 Oct 2023 11:55:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8191da06d9aa906d-FRA
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1275407429592504&ev=PageView&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&rl=&if=false&ts=1697811103826&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.2.1697811103768.1965579362&cs_est=true&ler=empty&it=1697811103617&coo=false&rqm=GET
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1105393533568421&ev=ViewContent&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&rl=&if=false&ts=1697811103827&cd[content_name]=&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.2.1697811103768.1965579362&ler=empty&it=1697811103617&coo=false&rqm=GET
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1275407429592504&ev=ViewContent&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&rl=&if=false&ts=1697811103828&cd[content_name]=&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.2.1697811103768.1965579362&ler=empty&it=1697811103617&coo=false&rqm=GET
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 20 Oct 2023 14:11:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66224846-2&cid=231380610.1697811104&jid=1126636311&gjid=35560697&_gid=1073443258.1697811104&_u=YADAAEAAAAAAACAAI~&z=830370784
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
69 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66224846-20&cid=231380610.1697811104&jid=3781808&gjid=195402438&_gid=1073443258.1697811104&_u=YCDACEABBAAAACAAI~&z=477882160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2hehf2dmadudj.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66224846-2&cid=231380610.1697811104&jid=1126636311&_u=YADAAEAAAAAAACAAI~&z=1769068979
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66224846-2&cid=231380610.1697811104&jid=1126636311&_u=YADAAEAAAAAAACAAI~&z=1769068979
Requested by
Host: d2hehf2dmadudj.cloudfront.net
URL: https://d2hehf2dmadudj.cloudfront.net/ar/leagues23/?utm_source=Twitter&utm_medium=Websitecardstatic&utm_campaign=Leagues23&prm=true&source=35&twclid=2-30gg7vr0g8dw3sn21xq75uwjz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-E3KSD2FS5T&gtm=45je3ai0&_p=518752987&cid=231380610.1697811104&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697811103&sct=1&seg=1&dl=https%3A%2F%2Fd2hehf2dmadudj.cloudfront.net%2Far%2Fleagues23%2F%3Futm_source%3DTwitter%26utm_medium%3DWebsitecardstatic%26utm_campaign%3DLeagues23%26prm%3Dtrue%26source%3D35%26twclid%3D2-30gg7vr0g8dw3sn21xq75uwjz&dt=&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3KSD2FS5T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2hehf2dmadudj.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 14:11:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d2hehf2dmadudj.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| dataLayer
function| $
function| jQuery
function| prev
function| activates
function| navigate
function| getParameterByName
number| animate
function| viewoffer
function| showhidesubscribe
function| showhidesubscribe_mobile
function| showhidesubscriberboxes
function| hides
function| shows
boolean| is_mobile
string| views
string| subscribes
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| fbq
function| _fbq
string| pagetitle
boolean| CE_USER_SCRIPT
object| CE2
string| CE_USER_SITE_DATA_URL
string| CE_USER_DATA_URL
string| CE_USER_COMMON_SCRIPT_URL
string| CE_USER_THIRDPARTY_SCRIPT_URL
function| onYouTubeIframeAPIReady
object| gaGlobal
object| webpackChunkCE2
object| CE2BH
function| CE_URL_FINGERPRINT
object| gaplugins
object| gaData
object| CE_API

9 Cookies

Domain/Path Name / Value
d2hehf2dmadudj.cloudfront.net/ Name: ApplicationGatewayAffinity
Value: 5c4c7df73ef32b32fae94c932b33208a
.d2hehf2dmadudj.cloudfront.net/ Name: _ga_E3KSD2FS5T
Value: GS1.1.1697811103.1.1.1697811103.60.0.0
.d2hehf2dmadudj.cloudfront.net/ Name: _fbp
Value: fb.2.1697811103768.1965579362
.d2hehf2dmadudj.cloudfront.net/ Name: _ga
Value: GA1.3.231380610.1697811104
.d2hehf2dmadudj.cloudfront.net/ Name: _gid
Value: GA1.3.1073443258.1697811104
.d2hehf2dmadudj.cloudfront.net/ Name: _gat_UA-66224846-2
Value: 1
.d2hehf2dmadudj.cloudfront.net/ Name: _gat_UA-66224846-20
Value: 1
.d2hehf2dmadudj.cloudfront.net/ Name: cebs
Value: 1
.d2hehf2dmadudj.cloudfront.net/ Name: _ce.s
Value: v~ee9cb84ab8bfcec3ddcf82da31dbd2f0708fa5c9~lcw~1697811103875~vpv~0~lcw~1697811103876

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=631138519, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
