basketball.heenglish.com Open in urlscan Pro
2606:4700:3034::ac43:a65b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://basketball.heenglish.com/
Submission: On February 24 via api (February 24th 2024, 6:56:02 pm UTC) from US — Scanned from US

Summary HTTP 71 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 7 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3034::ac43:a65b, located in United States and belongs to CLOUDFLARENET, US. The main domain is basketball.heenglish.com.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.

This is the only time basketball.heenglish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:a65b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c08::64	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c1d::84	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c09::63	() ()
2	172.253.63.155 172.253.63.155	() ()
71	11

13 2606:4700:3034::ac43:a65b (United States)

ASN13335 (CLOUDFLARENET, US)

basketball.heenglish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c08::9c (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c08::64 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1d::84 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5e (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::63 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com	475 KB
13	heenglish.com basketball.heenglish.com	164 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com	71 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	93 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	53 KB
2	googleadservices.com www.googleadservices.com
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
71	7

	Domain	Requested by
13	pagead2.googlesyndication.com	basketball.heenglish.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	basketball.heenglish.com	basketball.heenglish.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
2	fonts.googleapis.com	basketball.heenglish.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
71	10

This site contains links to these domains. Also see Links.

Domain
url

Subject Issuer	Validity	Valid
heenglish.com GTS CA 1P5	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://basketball.heenglish.com/
Frame ID: 5528E4F443655874A5F431E9B379BA89
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: AA9725C310A4DC9607784501B0655E37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7785906137093181&output=html&adk=1812271804&adf=3025194257&lmt=1708800954&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbasketball.heenglish.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708800953601&bpp=13&bdt=268&idt=823&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8060808613988&frm=20&pv=2&ga_vid=1085860388.1708800955&ga_sid=1708800955&ga_hid=67354727&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95325066%2C95320376%2C95320870%2C95321865%2C95324154%2C95324161&oid=2&pvsid=1825751719339348&tmod=2030470530&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=958
Frame ID: FB59E968392E0B97DE8EDD91211B9341
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AE20DE3B5C7233D1D29C8949C3142DE9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 098D8480BFC6F40A3F399305B0D1B069
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9C8DDE4633C3F797632318DE3A0CBA9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js
Frame ID: D6E0E713ECECCD98386106E7B44D582B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

basketball.heenglish.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

71
Requests

82 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

856 kB
Transfer

2393 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://url/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://googleads.g.doubleclick.net/pagead/adview?ai=CDyFXuzvaZZ7VEce64_UPxNylyAPwz8_ydZ-k2ZL5EWQQASCam8KbAWDJ7o6LwKSMEKABgcmv1APIAQmoAwHIA8sEqgToAU_QfEmnpiVzfSNMBCZC_gxSeaEQEHGQMjrYK1RtvkQjrq-mHnZwrKmfUfRcdYTh4laJSEAHGPeP89cOf9xd1OjgdjhYaWJ2_KYzVs-LBUmjASto5Xkx-SMpDWh3R2wqpFHeQWM1h2svuD5zmxwoVk-rIDzXr4nCWhBu_n21GCtV-mCIRyP_oaQfknjDrjjA1RwfSqNQea5HNbJyIhSNds2AvVRpNKXRs4McMVUDWpqoUEqHFnKoR3aKAGwbAX8VPl6BsmeWE8fNudj-dU4-j89CbsAbqrQYdFC6FGYBkAPD_V8y0SPVr-PABNbi15DHBIgFo7rKsk2SBQQIBBgBkgUECAUYBKAGLoAH3Y-OqQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDe9B3SCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYr6q4z9PEhAOaCX9odHRwczovL3d3dy5uYXRpb24uY29tL2VtYnJhY2UtdGhlLWZ1dHVyZS1vZi1jb250YWN0LWNlbnRlci1zb2x1dGlvbnMtaW4tMjAyMy13aHkteW91LXNob3VsZC1hZGFwdC1ub3cvP3Zhcj04Mzg5MDkzNDUxMzE5MjE4ODYwgAoByAsB2gwQCgoQgM32spGrudYHEgIBA7gT5APYEwvQFQGAFwGyFxwKGggAEhRwdWItNzc4NTkwNjEzNzA5MzE4MRgA&sigh=DfQsiNBgpEk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_B5JOtDLPPC8wvoR2zZvQocnUhjLnazFqJvQHfat7pWarnOdgPpToGtxQ2OYGalxkf1rpELK56DiNxEAF3YnAxoQ1XztVIDvCwBgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8954aa324f0851630000000000000000%22,%222%22:%220xb5a3f26503f14e500000000000000000%22,%223%22:%220x3962900923ed37a40000000000000000%22,%224%22:%220x847ab20d90f27da90000000000000000%22,%225%22:%220x76a9a28da87755c20000000000000000%22},%22debug_key%22:%2217523001871679807133%22,%22debug_reporting%22:true,%22destination%22:%22https://nation.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982246529%22],%2222%22:[%22true%22],%224%22:[%2202-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229804421870581532785%22}&andc=true

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
basketball.heenglish.com/ 66 KB
13 KB 580ms
118ms Document
text/html 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c697d9c70d6ea4143336442cf58783c2e6f53a602774302ac145a2f98e06aebd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a9ece5a8324bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Feb 2024 18:55:53 GMT
link: <http://basketball.heenglish.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPtDa2XH8s9AmXnPhoMw7Tz2rYa9S4koPRLQ5C0VrJ7N8OO6WMWabyiket%2BTaJEvbpzudMoIw41OCJNPV7%2Fql4Im8HookHHiToj2d%2Bv2xgH%2Fhd5ci5NvD4mh04Wzl2asZoN6aToZ2VsRBQW9%2FFDm8CsbER4q5xA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 153ms
73ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181

Requested by

Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626dccaf9cc0ec9d9bd06be2ac826725e76aa8824295458899e1eb71a58807c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
Origin: https://basketball.heenglish.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50990
x-xss-protection: 0
server: cafe
etag: 10117158230932528749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 24 Feb 2024 18:55:53 GMT

GET
H2 200 style.min.css
basketball.heenglish.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 172ms
159ms Stylesheet
text/css 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ae43-65c23248-ff607a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVg5VG%2BO8gA%2B%2BAf0Q3NVtIDYtHJ4d%2BIX3OnUzldwLPp3SROeT4%2BCyVaLBwC8DCdQKGxae4O4tXWNFkHxewq%2Fp26Q95NiSpKdkQl2uBSiTeei14R2q2Zt2mavW7MNoiYz0YwfW9mG50DHPi3TxEWOH%2Fn2ipob9vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85a9ece6886c4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 fl-icons.css
basketball.heenglish.com/wp-content/themes/flatsome/assets/css/ 328 B
458 B 140ms
129ms Stylesheet
text/css 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"148-65c23488-ff8a20;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMZYpH0FIl9NP43XpLsFljXE1Fu511A9mDn3euJb4Fg4r3HH8nyqPAlGTMqd%2BIH1TP9KSzQQ9lqUi9W3tbJgbCvJrxfHkvDAx9Qixd5FlGOE0G9JrNUFd3aTXc%2F%2Fh26K8vLrbfi95v5JJq12Gun9piF3Y3QxLl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85a9ece6886d4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 flatsome.css
basketball.heenglish.com/wp-content/themes/flatsome/assets/css/ 143 KB
30 KB 181ms
171ms Stylesheet
text/css 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"23a2b-65c23488-ff8a15;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSNdbanZlMwLI9dau0s05%2BfmciIyKu%2FAivZo47o6N86M5gXESr8LfMlvT1y1Jzx0cXwmLAirx%2FKcwz6d5kGTgNSNl5va9BItp1tTF7vdJ5zhHPsfolyOETe67uSwTmaY2UwqWASO2k2aDThmsuOy02fnADVCDRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85a9ece6886f4bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 style.css
basketball.heenglish.com/wp-content/themes/flatsome/ 567 B
671 B 132ms
122ms Stylesheet
text/css 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/style.css?ver=3.12.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"237-65c23488-ff8a8a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwlDFhO4o3af4TFMufoO0%2Btpxin16K1OernrT6EiK437y213nlfyofbIbVQXW9KJdjnROScHedr96uzhzZLmOhUphKIheyWbEvyXoeqeaFGdYELYRsiysoLjb759XB0QZVfRhWQT9D%2Bg4x7WV2bL%2FaeEZbNpQfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85a9ece688704bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 120ms
42ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Requested by

Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 18:08:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 18:55:53 GMT

GET
H2 200 jquery.min.js Show response
basketball.heenglish.com/wp-includes/js/jquery/ 86 KB
31 KB 181ms
174ms Script
application/x-javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-65c23248-ff6251;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZK3P%2FGZhCIiZyRiI3fSdDu1tz46TcAJt0mHksMVwLbS%2Fpc52GDnUm0ONqr1kMoOpgKqXxjAivVulTpaD%2BK%2F5k56mvsNGqJmehf8EB2BeyQmnucbtC3pBoasrOkBCp%2BA8CSPBvt1lZORiklD9LEdVcCntjyLsjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85a9ece688714bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
basketball.heenglish.com/wp-includes/js/jquery/ 13 KB
5 KB 129ms
123ms Script
application/x-javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-65c23248-ff62a1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qPN4bE87%2F51DYgMUR3VUFUNjs9sUiSoGgPwVxLQGDWy2ddqVcDs1FJFxOTNlPTMWy%2B%2F5f5xVJk9Gh27Bo17j10ysrKO4QTpbcUT1zMSkGstP7h4X7c44Ht%2BxoBmVHMgrpY3tXBNZ%2BklPLgxW%2BgHJu7tzt12aHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85a9ece688724bbd-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 logo.png
basketball.heenglish.com/wp-content/themes/flatsome/assets/img/ 3 KB
3 KB 129ms
124ms Image
image/png 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/img/logo.png
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03955f77c5fb64853ee1349aee217467d5965bd9339024dcc15df003efc75a54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b6b-65c23488-ff8a0c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PVgFCMKN5ONijFqElq1PymG2RFgIDpicHcOm0M2hO%2F0%2BFzaM5QDQtvisXOh%2FwNSz1UhVVFEIAy%2B2wakF%2BXONrMXuo9LKwzft94tngd%2F1Ow3HIaebSSGOS7TGzNAzuEMg1pQak22v4LIaYoAstZZjuz3XsU4enA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85a9ece688734bbd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2923
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H2 200 email-decode.min.js Show response
basketball.heenglish.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 35ms
32ms Script
application/javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://basketball.heenglish.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Feb 2024 15:59:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d4cc77-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDeqUO6UjAOkywlcKqQ9Fdf6kg7mfXbRH%2BvBW5C0%2F56iH1i0dSh4n0TCYK8yJIenqs98RRgeJEsEuvyt4mEEHRqPyVv2H7YDtJqzrj1lyB5o4%2BT246QcQF7P8LuMVYOZxh1Re0hNRxwyMwRhu08Xfc0AHAf%2Fm98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85a9ece6b8854bbd-BUF
expires: Mon, 26 Feb 2024 18:55:53 GMT

GET
H3 200 flatsome-live-search.js Show response
basketball.heenglish.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
6 KB 118ms
118ms Script
application/x-javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e04-65c23488-ff847f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39MP9wyBGcQGpMWtZLlgf8mvjdfb4A6V7FBMfXZcLb3WLMy5FLKpl%2F%2FOkpthkOAFVdo%2FUlsyGWF2vvz5VcG40xJYjUeRgMUdbr%2BdwFgr4JKXmQ5oug33kssDM5yT57dGDs8txAPSSNlAvdxAPDEItYqb0FiSba8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85a9ece6eaa74bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H3 200 hoverIntent.min.js Show response
basketball.heenglish.com/wp-includes/js/ 1 KB
1 KB 117ms
116ms Script
application/x-javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:21:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5db-65c23248-ff6393;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo%2FCAVbktbrWVugyeP45q9v%2Bgu2n12Is8hplL1As4trs7Ux3ptngs6l3jI%2BgoKnmJ9pox7SuNIROV5sHfGcJuvwfS8Z7crwGVeq%2FomCJZTb5moN7smZ6Ckk8WdGH9vqvQrfO3IXxKwdUrQkuOy80mRA0%2FzmJ%2BQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85a9ece74ad94bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
H3 200 flatsome.js Show response
basketball.heenglish.com/wp-content/themes/flatsome/assets/js/ 169 KB
51 KB 668ms
668ms Script
application/x-javascript 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a4c3-65c23488-ff8a29;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8BQv%2Fh7cxMZeVswwToSWxTqtuq1%2B1C8AmjgEWGkuAsMdugs2moDm6Vxa2ZBultlklbInzZ%2FLsjDplewPp4BfwrykPaETUrq378iiBnBP4U9hxuOlXQmlla6brSmqOP7TCJXQOIdCjV86Ry4KXMR6FgU15zOmHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85a9ece7bb174bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET
BLOB 200
OK 2bd723b7-33ff-4c55-990f-7bd3fd26e504
https://basketball.heenglish.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://basketball.heenglish.com/2bd723b7-33ff-4c55-990f-7bd3fd26e504
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 408 KB
138 KB 612ms
513ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf356fc18fe71cadf0f9a4e41410cb57f6edf319deda52ddb1a73047cf1620af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141535
x-xss-protection: 0
server: cafe
etag: 9060547008946128104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 18:55:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame AA97 9 KB
5 KB 613ms
33ms Document
text/html 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 81800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 20:12:34 GMT
etag: 3890843268177463596
expires: Fri, 08 Mar 2024 20:12:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET take-photo-camera.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET how-to-use-neff-self-cleaning-oven.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET how-oven-electric.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET best-oven-brand-philippines.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET free-standing-eye-level-oven.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET baby-back-ribs-in-oven-at-400.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET how-to-clean-dishwasher-filter.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET What-is-a-Cloud-PBX
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET how-does-a-dishwasher-pump-work.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET can-you-put-pots-and-pans-in-the-dishwasher.jpg
basketball.heenglish.com/wp-content/uploads/2024/02/ 0
0

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 613ms
35ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://basketball.heenglish.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:15:30 GMT
x-content-type-options: nosniff
age: 99624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 15:15:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 705ms
126ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://basketball.heenglish.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 06:59:48 GMT
x-content-type-options: nosniff
age: 215766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 06:59:48 GMT

GET
H3 200 fl-icons.woff2
basketball.heenglish.com/wp-content/themes/flatsome/assets/css/icons/ 6 KB
7 KB 605ms
585ms Font
font/woff2 2606:4700:3034::ac43:a65b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:a65b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

Referer: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Origin: https://basketball.heenglish.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:53 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 13:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1988-65c23488-ff8a12;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0nCHBmq1rnotYLCra4y99upi3B8xQG1KKhXxwSwpGjceB3R%2B8M2K%2BEG%2FirLI6609rYMZNn9ukttAqHe9DIDD%2FkWEXkETT8ZQiAPHEVTyOjcdtUgkRFPJzj36FgUhP2M7EGBKRxjMgCQcV0mQay3BRKTrPBIhIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 85a9ece8bb8e4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 6536
expires: Sat, 02 Mar 2024 18:55:53 GMT

GET wp-emoji-release.min.js
basketball.heenglish.com/wp-includes/js/ 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB59 146 KB
44 KB 1174ms
1158ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7785906137093181&output=html&adk=1812271804&adf=3025194257&lmt=1708800954&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbasketball.heenglish.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708800953601&bpp=13&bdt=268&idt=823&shv=r20240221&mjsv=m202402200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8060808613988&frm=20&pv=2&ga_vid=1085860388.1708800955&ga_sid=1708800955&ga_hid=67354727&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95325066%2C95320376%2C95320870%2C95321865%2C95324154%2C95324161&oid=2&pvsid=1825751719339348&tmod=2030470530&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=958

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

982a1a5ee7fc39eab9af6da68f82c6d25dc0595c671deee91375def23ec25512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45469
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:55:56 GMT
expires: Sat, 24 Feb 2024 18:55:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 1222ms
1214ms XHR
application/json 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cb64bb64c7593dae7133a145869165d6f41c5a7dd794de552e93e245f620fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12281
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 166 KB
56 KB 1002ms
1000ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e587bef56983cd4d51986f73a88802a65dc79a4f9795dcc9448408943f3c5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57356
x-xss-protection: 0
server: cafe
etag: 2359042028546367644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 18:55:56 GMT

GET
H2 200 ca-pub-7785906137093181 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 1065ms
62ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7785906137093181?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43a083aa2a1f3165ed351869d2de2b9b520b635c3536d4d0680e84958803de62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mQJGUlOuJWCEo4NcCsAGHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-mQJGUlOuJWCEo4NcCsAGHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXFEKAhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumsKkBsuH46ayQQxzyfzpoCxItZZ7CuBmKn9BmsIUD8OXMG628g9qmfwRoHxEI8HHu_v1jHJjDh4o7njACPQUXg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/ 90 KB
31 KB 956ms
955ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f219467974e29e377804b72b73e3d275dfec9fa6385e88d90a404b99a96ff102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32111
x-xss-protection: 0
server: cafe
etag: 16588181077668161598
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 18:55:56 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Fetch
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7785906137093181
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame AE20 9 KB
4 KB 34ms
33ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 48486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 05:27:51 GMT
etag: 3890843268177463596
expires: Sat, 09 Mar 2024 05:27:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXwzFrqCrvOLxHyor4kxTF_hgTdRdQ7JWXBy05MT2E4PY3q0AGPTwWxx957ny4aBqjLv1QIOWo_Zy9OxxoVgHFlOfjd3MPV0Z4YNcwEsRxjWCPSSOzPC0QAMPujmkkZ7sb9jg7Rog== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 60ms
56ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwzFrqCrvOLxHyor4kxTF_hgTdRdQ7JWXBy05MT2E4PY3q0AGPTwWxx957ny4aBqjLv1QIOWo_Zy9OxxoVgHFlOfjd3MPV0Z4YNcwEsRxjWCPSSOzPC0QAMPujmkkZ7sb9jg7Rog==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4ODAwOTU3LDYzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iYXNrZXRiYWxsLmhlZW5nbGlzaC5jb20vIixudWxsLFtbOCwiNlRHTElUSGZXNmMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMxmqd-4XpOfC1zmKha8ROUCcFmG7w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

916f9af23388a1582230b68428ed9c158bf10aa45b4858a734ba21127651f69a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kJF11aSHJ4nx1HDXcCMLjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kJF11aSHJ4nx1HDXcCMLjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NGQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Ovd9frGMTuLFz1X4mAIYXQMk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AE20 4 KB
775 B 45ms
45ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Feb 2024 18:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Feb 2024 18:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Feb 2024 18:55:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame AE20 2 KB
903 B 799ms
38ms Script
text/javascript 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 23:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:01:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame AE20 23 KB
9 KB 834ms
75ms Script
text/javascript 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:01:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame AE20 3 KB
1 KB 845ms
87ms Script
text/javascript 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 23:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:01:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame AE20 20 KB
8 KB 789ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:01:02 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE20 204 KB
61 KB 43ms
42ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 19:39:08 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame AE20 36 KB
15 KB 788ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 10:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 10:35:44 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/8333847982870827006/ Frame AE20 34 KB
34 KB 796ms
40ms Image
image/jpeg 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8333847982870827006/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

212395a59414b2cc8264030ffe8a3339d293c4051288129d2158cb63dfc635ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Sun, 23 Feb 2025 18:10:41 GMT
date: Sat, 24 Feb 2024 18:10:41 GMT
x-content-type-options: nosniff
age: 2717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34675
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 05:52:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16283985567042141653/ Frame AE20 2 KB
2 KB 794ms
39ms Image
image/jpeg 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16283985567042141653/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

baf6d0189a23b23400a73214c23adaa8ec89da66a680153a1f50a3423e27fc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 00:51:33 GMT
date: Thu, 22 Feb 2024 00:51:33 GMT
x-content-type-options: nosniff
age: 237865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:31:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 AGSKWxUyfiOd0-nYEajwcxeV31J1_cEzXjHBQtQ6yriUTeEfMRv1HbV_g4goswa0b3NO0Am4rchGGhq61jMO6_VnkSaZlqeFCdBFFdfObVuyiuumTnGgkIhFU81DweB8I5bt21Y-I0vtsQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 65ms
64ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUyfiOd0-nYEajwcxeV31J1_cEzXjHBQtQ6yriUTeEfMRv1HbV_g4goswa0b3NO0Am4rchGGhq61jMO6_VnkSaZlqeFCdBFFdfObVuyiuumTnGgkIhFU81DweB8I5bt21Y-I0vtsQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4ODAwOTU3LDY5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYmFza2V0YmFsbC5oZWVuZ2xpc2guY29tLyIsbnVsbCxbWzgsIjZUR0xJVEhmVzZjIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

561d74cf85b498da8e0201ca9237497ed86ad92dc5640fcb8d31c544eaa33839

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--rKIzdzcDAd2iSxm1wl1GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--rKIzdzcDAd2iSxm1wl1GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJi8NeQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6Ovd9frGMT-LHq7wMmAIl4QVE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 773ms
88ms Script
text/javascript 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 18:55:58 GMT

GET
DATA 200
OK truncated
/ Frame AE20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd0d6ad4701e0903afd0b44b54983ce2480d8c0af54e852a09d7d13d6c4ce509

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 098D 13 KB
5 KB 49ms
34ms Document
text/html 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 51901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 04:30:57 GMT
expires: Sun, 23 Feb 2025 04:30:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9C8 829 B
1 KB 810ms
50ms Document
text/html 2607:f8b0:4004:c09::63

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::63 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

09a8ae3ee5ee40dceea17879ee8318f627910e17bb6563f6e9019c0feccf832d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x3hU9O7TfEvTmcOmKxbJKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://basketball.heenglish.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-x3hU9O7TfEvTmcOmKxbJKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Feb 2024 18:55:59 GMT
expires: Sat, 24 Feb 2024 18:55:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE20 15 KB
16 KB 35ms
32ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:42:13 GMT
x-content-type-options: nosniff
age: 213225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:42:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AE20 15 KB
15 KB 44ms
41ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:56:02 GMT
x-content-type-options: nosniff
age: 212396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:56:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AE20
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDyFXuzvaZZ7VEce64_UPxNylyAPwz8_ydZ-k2ZL5EWQQASCam8KbAWDJ7o6LwKSMEKABgcmv1APIAQmoAwHIA8sEqgToAU_QfEmnpiVzfSNMBCZC_gxSeaEQEHGQMjrYK1RtvkQjrq-mHnZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8954aa324f0851630000000000000000%22,%222%22:%220xb5a3f26503f14e500000000000000000%22,%223%22:%220x396290...

0
0

180ms
99ms

Fetch
text/css

172.253.63.155

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8954aa324f0851630000000000000000%22,%222%22:%220xb5a3f26503f14e500000000000000000%22,%223%22:%220x3962900923ed37a40000000000000000%22,%224%22:%220x847ab20d90f27da90000000000000000%22,%225%22:%220x76a9a28da87755c20000000000000000%22},%22debug_key%22:%2217523001871679807133%22,%22debug_reporting%22:true,%22destination%22:%22https://nation.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22982246529%22],%2222%22:[%22true%22],%224%22:[%2202-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229804421870581532785%22}&andc=true

Protocol

Server

172.253.63.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x8954aa324f0851630000000000000000","2":"0xb5a3f26503f14e500000000000000000","3":"0x3962900923ed37a40000000000000000","4":"0x847ab20d90f27da90000000000000000","5":"0x76a9a28da87755c20000000000000000"},"debug_key":"17523001871679807133","debug_reporting":true,"destination":"https://nation.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982246529"],"22":["true"],"4":["02-24"],"6":["true"]},"priority":"500","source_event_id":"9804421870581532785"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Feb 2024 18:55:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Feb 2024 18:55:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8954aa324f0851630000000000000000","2":"0xb5a3f26503f14e500000000000000000","3":"0x3962900923ed37a40000000000000000","4":"0x847ab20d90f27da90000000000000000","5":"0x76a9a28da87755c20000000000000000"},"debug_key":"17523001871679807133","debug_reporting":true,"destination":"https://nation.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["982246529"],"22":["true"],"4":["02-24"],"6":["true"]},"priority":"500","source_event_id":"9804421870581532785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E0 50 KB
19 KB 36ms
35ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8Tsy5hKGOkd2pZxHZ-DVXCM53v6mWtt85lweNHdJ0fc.js

Requested by

Host: basketball.heenglish.com
URL: https://basketball.heenglish.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 19:59:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19817
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Feb 2025 19:59:26 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 289ms
102ms Preflight
text/html 172.253.63.155

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 24 Feb 2024 18:55:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 098D 39 KB
15 KB 49ms
43ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Feb 2025 18:45:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9C8 0
0 93ms
88ms Image
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=1825751719339348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 _728_90_ Show response
fundingchoicesmessages.google.com/f/AGSKWxUT4XD-g74EsvK0O4y_iYQ6-LOSZAL2ClYJhdMrvXG0cTqk5UVQZYvac43aT1_Af6kztZL8cUN72wTDkNrvpLswytqJ9BW-2Hfr4FyVoSNClxK_f4ZU46RZ1cgRbeTf3PINyMoViu7YIyxDa8sBdDArSZ4Hl... 54 B
110 B 535ms
534ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUT4XD-g74EsvK0O4y_iYQ6-LOSZAL2ClYJhdMrvXG0cTqk5UVQZYvac43aT1_Af6kztZL8cUN72wTDkNrvpLswytqJ9BW-2Hfr4FyVoSNClxK_f4ZU46RZ1cgRbeTf3PINyMoViu7YIyxDa8sBdDArSZ4Hl439am2D9IjkCVPfTb1t1vtkz4YORXhS/_/google160./ad_include./async/ads-_textads/_728_90_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.6TGLITHfW6c.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzmtY4U3bNV8m5BcBjBYzvPxYy6IA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bbf1e9b01c5061268fd246f64e426a6662defc17278c8fbe8464fa5cbf93dff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kS1hoMF76pFAghyeXyz-fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:55:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kS1hoMF76pFAghyeXyz-fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJicNGQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6O_d9frGMTWHHh0CUmAIFXQNU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:12:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24293
x-xss-protection: 0
server: cafe
etag: 13238648472899439582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 19:12:33 GMT

POST
H3 204 AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 685ms
53ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LCbej4Nqp4TDGNkGfVdmQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LCbej4Nqp4TDGNkGfVdmQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoGOr-8WMwIASxkWLA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://basketball.heenglish.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE20 42 B
64 B 103ms
102ms Fetch
image/gif 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBgyNO7H1Bz658P1jOt20_HEFv5iiUGuGSET1AoecXMn1nuSDLLEUvzotdLHGQxj0qq2p65j8lASqAxNZILpEj65oZcjzSf4lCGFSjN5CKJYcelYP4eO0UHVIyVHo_F1zAajIP_iBDJzTiAyOIWaUIh1eFvDywlXw&sai=AMfl-YR_I_MMsP1LKtrN5LAwCldTl1JKeFwZi5w3t4lO_MN3LJyZaC7rSzjAq-Oa40h0t_jiaTZtT9udyWHCYj91rJzk2bxK64l7l9XjQaIkv3dxRtN6qPYZ3JFoAoKd9j8oK4cRMCCOKpRxuwFogZ7j&sig=Cg0ArKJSzBgdxblJFjbnEAE&cid=CAQSTgAvHhf_B5JOtDLPPC8wvoR2zZvQocnUhjLnazFqJvQHfat7pWarnOdgPpToGtxQ2OYGalxkf1rpELK56DiNxEAF3YnAxoQ1XztVIDvCwBgB&id=lidar2&mcvt=1022&p=0,0,124,1005&mtos=984,1022,1022,1022,1022&tos=984,38,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=473375800&rst=1708800957602&rpt=1073&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Feb 2024 18:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 113ms
65ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G1MPXqKKYA4o3HKJkvORUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-G1MPXqKKYA4o3HKJkvORUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoGGAycXMwIASUIVyA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://basketball.heenglish.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 94ms
66ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uRis78EFZ5iXLghEcaegZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-uRis78EFZ5iXLghEcaegZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoEdPY8WMwIASncV6A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://basketball.heenglish.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 82ms
56ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w5pUJVZ8QiAIOzfQdqW1zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-w5pUJVZ8QiAIOzfQdqW1zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoEXEzoWMwIASSUVvA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://basketball.heenglish.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVN-DVB0T8Vwnvi0dmWQpAAalLCkRtLsPgh-ZQCI7zuZgAOWD-ocjw3zblPB1GgjiQYjNyoXmC56L80C9ftbv1rHgs3YxhYcCZb6Ql7MxsUhZx1hZePxxCLkz4V1zcpOBhcrX97Eg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
90ms Script
application/javascript 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVN-DVB0T8Vwnvi0dmWQpAAalLCkRtLsPgh-ZQCI7zuZgAOWD-ocjw3zblPB1GgjiQYjNyoXmC56L80C9ftbv1rHgs3YxhYcCZb6Ql7MxsUhZx1hZePxxCLkz4V1zcpOBhcrX97Eg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4ODAwOTYwLDI4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iYXNrZXRiYWxsLmhlZW5nbGlzaC5jb20vIixudWxsLFtbOCwiNlRHTElUSGZXNmMiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c45df2ccb42a0c227eb92ceec3c47344787e875928c1432e16d675fab052df2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SjyTSG48olcRew6_Dt9saw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-SjyTSG48olcRew6_Dt9saw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj6mHU4pJicNKQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZBL4-pJJAoi1gPid5Cumb0C8w8eDhW_ddFYVIDZcP501Eohjnk9nTQHixawzWFcDsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OA99frGMTmLFt1lJGAH6rQFQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 098D 0
10 B 38ms
37ms Image
text/plain 2607:f8b0:4004:c1d::84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pQNT3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxXEyry-XoXGjkgFSFdcNtpkdUHeKIjJpOSyyBPo7Ef0n_-KGUIclXq3hO4qUWDrDzXnqeRboZDmlnmIOwNH2jeOMWXrIBJm5JcS6ls9GZOnfIeZMOIcgjI-z-IfW56XF7lHR32ihw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
49ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXEyry-XoXGjkgFSFdcNtpkdUHeKIjJpOSyyBPo7Ef0n_-KGUIclXq3hO4qUWDrDzXnqeRboZDmlnmIOwNH2jeOMWXrIBJm5JcS6ls9GZOnfIeZMOIcgjI-z-IfW56XF7lHR32ihw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b9IW_EsZfZ0zoBAB3GOvhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-b9IW_EsZfZ0zoBAB3GOvhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoEd57ZdYQQAS5MWMA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://basketball.heenglish.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 93ms
60ms XHR
text/html 2607:f8b0:4004:c08::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3URsVOipX_Hbky0kQa6_3pAcLiK3IfGszcadrcLZwgcY7GXudnfoi_lr1mgiihHS0cotcSYM_JlWm2NvxsoRBDagK6KD515J8TQ_siE8S8ob4HHH7W41_uFqexaNtDQGv48Wurw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--2QfYAdkbijTXBGK14BT8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://basketball.heenglish.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 24 Feb 2024 18:56:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--2QfYAdkbijTXBGK14BT8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi4Tjw_cU6NoEDncufMgIATBYV_A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://basketball.heenglish.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=1825751719339348&bg=!JySlJGvNAAZ3BdUuVwU7ADQBe5WfOA5I2mBJqM0Uel7d8MN0ezxtzzov4vP7-PdQf-vb0N_VqwJZ2XsNLXTSQkztj70dAgAAAzZSAAAAA2gBB5kDD18h3QEiNmwMZpcYhEphAH6lnqrtlv-D9OWvGepBHF7OuW6YgfrBPUgVPRRP_sDoVVkxyfJdcWsJtyRgZHvcS7Zamoz3fDwATzrrGYAjN7QhlfokyZl8qh0Re9LyBzDcWosCZXOgI-CX_b1RlqVa1MHUtq9fPsm5HEjGvZDSqrpDarZLwboRVAsMZ3mH_5hPyTikGKhEZ53hA7i6Lc9ReVupTuL0KLAu3d4qYaXlhODHhyZfOcv36wTuKvaHhZCQQq52sN_fk3SNArrJjfKIEfyj7y9m82P9TSN7kyOgEfz_klUoTFZ1hFGD3thl6JL8VymmkDM_HWKAaYpRChR7gJ6RMKJjCM8S02MOtjkAfLkcrX6Awb3ETL6To3EbaY2nza4T8NQu9KWVSvEVzHI5oiPfw3guatLKlFOdfKGBRyKiUGaRIxylLWqUG_z3rka3nmWiOI2OvM-a-E0knOls4_d2dusDrH8YCDSATWyZmGK2YzZMXhz7YsefkUEPAQYevQiPbi0beOSFqlV7TdcYDnOHta-xQwXdZ54_ElR5pgM7orj6ulBJ-OzzHpetfCDs-MkRrPRcCpaieAsO90sh2596iscG5W8mT-YwWiXvwcicJk2etWMs_B7zeeKc4RKaCmk_yQSw8rKTATfE6M4hcqm9_2BP2pKQx43BIxE6wk2k_FSHvL1ZMVVckkpE57Z88wHWW8eL3Po1fz-oiuv_Emo1sv7J0CH_7W36ogzy0lOq-_WUDC7HRB1wV2AbIC1h0146YyBLqtGBKnXNZFxrP_o5sguMuXOjaaUWdWh8yhTuuU0AVgWP9Lr4UvICpv3TovyakCqYoiM6Gx0E6LLxB36miMhak90Pi2Tg5glHE8fgid099jkElZGvjIZpgWnXwULur9lELTnWOIyQyPXtcXwStycrDglRS5y_q9s5gHXI10rPXSyJfQDDOt_CePz0pa8WFBoTKKXzGihKa07ewGW552saCDtMg5jOH5Z3p7lcFJn84TGPjXg7OaOJw7bn7-P3I_Ed826uKvymu930Ow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://basketball.heenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/take-photo-camera.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/how-to-use-neff-self-cleaning-oven.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/how-oven-electric.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/best-oven-brand-philippines.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/free-standing-eye-level-oven.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/baby-back-ribs-in-oven-at-400.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/how-to-clean-dishwasher-filter.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/What-is-a-Cloud-PBX?.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/how-does-a-dishwasher-pump-work.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-content/uploads/2024/02/can-you-put-pots-and-pans-in-the-dishwasher.jpg

Domain: basketball.heenglish.com
URL: http://basketball.heenglish.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 18:40:01	Name: test_cookie Value: CheckForPermission

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/take-photo-camera.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/how-to-use-neff-self-cleaning-oven.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/how-oven-electric.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/best-oven-brand-philippines.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/free-standing-eye-level-oven.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/baby-back-ribs-in-oven-at-400.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/how-to-clean-dishwasher-filter.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/What-is-a-Cloud-PBX?.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/how-does-a-dishwasher-pump-work.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://basketball.heenglish.com/(Line 757) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure image 'http://basketball.heenglish.com/wp-content/uploads/2024/02/can-you-put-pots-and-pans-in-the-dishwasher.jpg'. This request has been blocked; the content must be served over HTTPS.
deprecation	warning	URL: https://basketball.heenglish.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.1(Line 70) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	error	URL: https://basketball.heenglish.com/(Line 21) Message: Mixed Content: The page at 'https://basketball.heenglish.com/' was loaded over HTTPS, but requested an insecure script 'http://basketball.heenglish.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://basketball.heenglish.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

basketball.heenglish.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
basketball.heenglish.com
172.253.63.155
2606:4700:3034::ac43:a65b
2607:f8b0:4004:c08::64
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c09::63
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::84
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
03955f77c5fb64853ee1349aee217467d5965bd9339024dcc15df003efc75a54
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
09a8ae3ee5ee40dceea17879ee8318f627910e17bb6563f6e9019c0feccf832d
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
212395a59414b2cc8264030ffe8a3339d293c4051288129d2158cb63dfc635ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43a083aa2a1f3165ed351869d2de2b9b520b635c3536d4d0680e84958803de62
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561d74cf85b498da8e0201ca9237497ed86ad92dc5640fcb8d31c544eaa33839
5bbf1e9b01c5061268fd246f64e426a6662defc17278c8fbe8464fa5cbf93dff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626dccaf9cc0ec9d9bd06be2ac826725e76aa8824295458899e1eb71a58807c6
6cb64bb64c7593dae7133a145869165d6f41c5a7dd794de552e93e245f620fb7
7e587bef56983cd4d51986f73a88802a65dc79a4f9795dcc9448408943f3c5f7
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f
916f9af23388a1582230b68428ed9c158bf10aa45b4858a734ba21127651f69a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
982a1a5ee7fc39eab9af6da68f82c6d25dc0595c671deee91375def23ec25512
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
baf6d0189a23b23400a73214c23adaa8ec89da66a680153a1f50a3423e27fc6c
bf356fc18fe71cadf0f9a4e41410cb57f6edf319deda52ddb1a73047cf1620af
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45df2ccb42a0c227eb92ceec3c47344787e875928c1432e16d675fab052df2b
c697d9c70d6ea4143336442cf58783c2e6f53a602774302ac145a2f98e06aebd
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d255488fd7493f999e12641c5afed8348b9f5bf3356106c2a33032368782d61d
dd0d6ad4701e0903afd0b44b54983ce2480d8c0af54e852a09d7d13d6c4ce509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b32e612863a4776a59c4767e0d55c2339defea65adb7ce65c1e347749d1f7
f219467974e29e377804b72b73e3d275dfec9fa6385e88d90a404b99a96ff102
f576aaa1ac8352e9e0c17cb743536e1488b0518fecc8bba8f8b87b560a0d5cca
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

basketball.heenglish.com Open in urlscan Pro 2606:4700:3034::ac43:a65b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

82 %HTTPS

90 %IPv6

7 Domains

10 Subdomains

11 IPs

1 Countries

856 kBTransfer

2393 kBSize

1 Cookies

1 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

basketball.heenglish.com Open in urlscan Pro
2606:4700:3034::ac43:a65b Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

82 %
HTTPS

90 %
IPv6

7
Domains

10
Subdomains

11
IPs

1
Countries

856 kB
Transfer

2393 kB
Size

1
Cookies

71 HTTP transactions
1 data transactions