hes-goals.tv Open in urlscan Pro
104.21.235.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hes-goals.tv/
Submission Tags: falconsandbox
Submission: On July 05 via api (July 5th 2023, 4:48:36 pm UTC) from US — Scanned from DE

Summary HTTP 275 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 40 domains to perform 275 HTTP transactions. The main IP is 104.21.235.61, located in and belongs to CLOUDFLARENET, US. The main domain is hes-goals.tv.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.

This is the only time hes-goals.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.235.61 104.21.235.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	108.138.36.75 108.138.36.75	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	104.21.4.192 104.21.4.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
5	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.129.34 18.155.129.34	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:d000:a:e047:753:be1	() ()
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	54.171.151.8 54.171.151.8	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	108.138.36.43 108.138.36.43	16509 (AMAZON-02) (AMAZON-02)
1 27	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3 6	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
5 20	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	54.194.100.120 54.194.100.120	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4013:c1a::78	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	18.197.42.180 18.197.42.180	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.111.240 3.121.111.240	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
275	47

6 104.21.235.61 (None, )

ASN13335 (CLOUDFLARENET, US)

hes-goals.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.36.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-75.muc50.r.cloudfront.net

mediation.magnetssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 104.21.4.192 (None, )

ASN13335 (CLOUDFLARENET, US)

api.scorarab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web-api.scorarab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-34.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d000:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.151.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-151-8.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.138.36.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-43.muc50.r.cloudfront.net

www.boomplaygames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.18.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.100.120 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-100-120.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c1a::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.42.180 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-42-180.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.111.240 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-111-240.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	662 KB
40	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	342 KB
40	scorarab.com api.scorarab.com web-api.scorarab.com	494 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com	314 KB
12	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
11	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8718 va.tawk.to — Cisco Umbrella Rank: 8412	141 KB
11	demand.supply live.demand.supply — Cisco Umbrella Rank: 45237	33 KB
10	magnetssp.com mediation.magnetssp.com — Cisco Umbrella Rank: 428281	17 KB
9	boomplaygames.com www.boomplaygames.com	467 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 imasdk.googleapis.com — Cisco Umbrella Rank: 500	136 KB
8	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 dis.criteo.com — Cisco Umbrella Rank: 608 ads.eu.criteo.com — Cisco Umbrella Rank: 7742	16 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	3 KB
6	hes-goals.tv hes-goals.tv	659 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	120 KB
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	2 MB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	224 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	144 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 633	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	793 B
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2972	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2409	815 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	651 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 981	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	829 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	314 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	623 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 857	339 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864	552 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	173 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	418 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1953	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
275	40

	Domain	Requested by
37	pagead2.googlesyndication.com	mediation.magnetssp.com pagead2.googlesyndication.com www.boomplaygames.com googleads.g.doubleclick.net hes-goals.tv www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
27	tpc.googlesyndication.com	1 redirects 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com googleads.g.doubleclick.net hes-goals.tv pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
20	cm.g.doubleclick.net	5 redirects hes-goals.tv googleads.g.doubleclick.net 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com www.boomplaygames.com
20	web-api.scorarab.com	hes-goals.tv
20	api.scorarab.com	hes-goals.tv
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hes-goals.tv 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
11	live.demand.supply	hes-goals.tv live.demand.supply
10	mediation.magnetssp.com	hes-goals.tv mediation.magnetssp.com
9	www.boomplaygames.com	mediation.magnetssp.com www.boomplaygames.com
8	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com www.googletagservices.com
8	embed.tawk.to	hes-goals.tv embed.tawk.to
7	www.gstatic.com	googleads.g.doubleclick.net hes-goals.tv 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
7	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com googleads.g.doubleclick.net
6	fonts.googleapis.com	s0.2mdn.net 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com hes-goals.tv googleads.g.doubleclick.net
6	hes-goals.tv	hes-goals.tv
5	s0.2mdn.net	hes-goals.tv s0.2mdn.net
5	static.criteo.net	securepubads.g.doubleclick.net www.boomplaygames.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	dis.criteo.com	2 redirects hes-goals.tv www.boomplaygames.com
4	www.googletagservices.com	446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com googleads.g.doubleclick.net hes-goals.tv
4	www.googletagmanager.com	hes-goals.tv www.googletagmanager.com
3	va.tawk.to	embed.tawk.to
3	x.bidswitch.net	3 redirects
3	c1.adform.net	3 redirects
3	match.adsrvr.org	googleads.g.doubleclick.net 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
3	r.turn.com	hes-goals.tv googleads.g.doubleclick.net
3	ad.turn.com	3 redirects
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a.sportradarserving.com	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ius.ctnsnet.com	1 redirects
1	onetag-sys.com	1 redirects
1	ads.eu.criteo.com	imasdk.googleapis.com
1	match.adsby.bidtheatre.com	1 redirects
1	tr.blismedia.com	446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
1	s.tribalfusion.com	hes-goals.tv
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	mug.criteo.com	hes-goals.tv
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
275	60

This site contains links to these domains. Also see Links.

Domain
yalla-shoots.tv
yacine-tv.live
shoot-yalla.to
hes-goal.net

Subject Issuer	Validity	Valid
hes-goals.tv GTS CA 1P5	`2023-07-05` - `2023-10-03`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.magnetssp.com Amazon RSA 2048 M02	`2023-02-09` - `2024-03-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
scorarab.com GTS CA 1P5	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.boomplaygames.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://hes-goals.tv/
Frame ID: 172345C6CFD12462995531E28675DFFD
Requests: 105 HTTP requests in this frame

Frame: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
Frame ID: ADCD6D49733B2EF9B5F33E9B2346D5EC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: E36FE7EC40CF7505CD3DEE5D8EEC26DB
Requests: 1 HTTP requests in this frame

Frame: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5BCF08B4D61ADBE149CC393681508EA9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hes-goals.tv
Frame ID: A4B81BA4B5D72B35537CB371D582F758
Requests: 2 HTTP requests in this frame

Frame: https://www.boomplaygames.com/afgegg?at=1
Frame ID: A98B36A279040C9C9AF43ABA78A4DE6E
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3025194257&lmt=1688575699&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708244&bpp=4&bdt=544&idt=294&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2868777199370&frm=20&pv=2&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315
Frame ID: FC6A9A04C2C9D790E080FE1432518057
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72
Frame ID: 23E5BDAE832A4F8BE03D6417B1DBF831
Requests: 16 HTTP requests in this frame

Frame: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9607E174B3F81FF1E83176882138BD1A
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
Frame ID: 353AF9B683C3171D940D1A8E929DEDA5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755401&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709020&bpp=5&bdt=162&idt=193&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&nras=1&correlator=32668278212&frm=24&ife=1&pv=2&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.awfsur8mqf2l&fsb=1&dtd=213
Frame ID: 0479F8F930D57165C37A685626E19244
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C67394B3B1689A876CFCD351F97B4C3C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 70C5834E4686621C7146F29B9C0738D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Frame ID: AA8ABB9A02EECB1719BF23453FEC4ED6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378849&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709624&bpp=1&bdt=766&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gevd64ghekcm&fsb=1&dtd=6
Frame ID: 957A137299C0BC4EC36D6D7041628AEB
Requests: 4 HTTP requests in this frame

Frame: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 674E41A71C2DC9F7517EA715204A6401
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 549D826FB8B1F503A9909B5290B85DA5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1F56DB904D5E73CA77C6AA5A1C440265
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 981101F4F237DCBD77C9D305231BD08A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 082F5D835D634A32C07F55C6845020EB
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Frame ID: 5ABA253922D5EF6A60375F07B4B18DE9
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E3CC06EAF3AB5DF5C816A4F66D73179
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: B58F3A484D61ABFED2A1ED30FD77630E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 742B2909A476A7E8178434D7424B39FE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF4AE4DADC4444167B2E3DC9D89900EF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: ED769F43DE2E56A7EBDAA81801AA0080
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D0A14351336C943608E24B03B5045965
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29DBAE58004123C2DC4B87DE2DDED199
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1357F46794984F0B7BFDC714F79D797C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AE71B694EBEAECF029A0F44C9D22713
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hesgoal TV - Free Live Sports Stream

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

275
Requests

93 %
HTTPS

55 %
IPv6

40
Domains

60
Subdomains

47
IPs

9
Countries

6195 kB
Transfer

10068 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://yalla-shoots.tv/
Title: Yalla Shoot

Search URL Search Domain Scan URL

URL: https://yacine-tv.live/
Title: ياسين تيفي Yacine TV

Search URL Search Domain Scan URL

URL: https://shoot-yalla.to/
Title: Yalla Shoot Live

Search URL Search Domain Scan URL

URL: https://hes-goal.net/
Title: Hesgoal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hes-goals.tv&sn=ChromeSyncframe&so=0&topUrl=hes-goals.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EQIEqnwxdzQrU1ZSV3hOU01FWkVWcEJ5bmRUWkF2S1prVEwvdC81cDgzMXFTV2E5cmpPNmdvYzJ6ZUx4cjNqVVZtamtBcU1hc1JFVnJXRnRtY0dubzhWeHM5TFJzWXEwVmVyS0o1UWZ2c3FTWmxvZ2N5OXVCYzYreEVqejZNWXZSRVJwYjBpRks4aWtFWjNVenFBKzlyZkdMTnloSmt2TVFuN1o0TDBOOVJGOFNETUlTWXlLdjM5RUI3eG5uRFRyVjNScDM1dDN4dGFOckpNNnFoNFNKMTNnaHgvN3ZSU21TR3A2dXFnVUZEVmxKQkVON1pDSUIwM0NzOGxVdzdJTDRBakUrNW9WNnJ5ei9kakNGeER2MzE1NWcrZz09fA&cppv=2

Request Chain 145

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbhv_nVhCkBhjJATIIT-U8H3K8tRU HTTP 301
https://tpc.googlesyndication.com/simgad/4339031254341182387

Request Chain 148

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1&google_push=AaAOQGGiFSAUeyCLaoDs58gaPs_rk-Pq22D_rpJn_xLdCfc_yQ8HkrNPwtsxDReESLCI5TBwSTAE17ccqIKBnQb-41dtkWXthIGWrfY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

Request Chain 150

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 151

https://um.simpli.fi/gp_match?google_gid=CAESEA9sYG92Ssskyy4UwnjDlXQ&google_cver=1&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yTUDt5x05Tfnch8sA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yTUDt5x05Tfnch8sA

Request Chain 153

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEAroP4P-pMCKdPMaddwOYic&google_cver=1&google_push=AaAOQGFWQZRXXGmnXCKZC1aOEXADOdNJW9g2pk5rKt-6NTW9fdbVe73Ys12qC_tMCQq-bMknp9TQ8sTT3MOu1QQSemcX0FLo8CSOYAI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0Lhy9BM8BFry1UOsoStwX8o0AAvuiwP7SVA-gw&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 154

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4v73R9b2vpykhmWxWgJD2Bt0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4v73R9b2vpykhmWxWgJD2Bt0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4v73R9b2vpykhmWxWgJD2Bt0

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMsZW-5oq8Q13Y7XpKms7B8&google_cver=1&google_push=AaAOQGE4TES6zYKfVBpyIz5-WEA8mhKH7bSmkDyDCvxKQTNPO7NCTHjbLu6gsSMpnP1SRKuyIaWK9CQc9DTLDVVugFv4zr6jTZyhcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

Request Chain 189

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPgy-U7tniYPIyWUOQdZbKY&google_cver=1&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1pyBMliqyCx7ZRwhRLTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1pyBMliqyCx7ZRwhRLTw

Request Chain 190

https://d5p.de17a.com/cookies/google?google_gid=CAESEHmGiPN-cI2pKOHFBk1omP4&google_cver=1&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHmGiPN-cI2pKOHFBk1omP4&google_cver=1&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ

Request Chain 191

https://match.360yield.com/match/ebda?google_gid=CAESED26xp0xuBoBZFmS4fy2wWo&google_cver=1&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYiO9wNJHzg HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESED26xp0xuBoBZFmS4fy2wWo&google_cver=1&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYiO9wNJHzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Jvrm7sM3RxKb1b6gh4pNJg&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYiO9wNJHzg

Request Chain 209

https://um.simpli.fi/gp_match?google_gid=CAESEA9sYG92Ssskyy4UwnjDlXQ&google_cver=1&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ3mL1uPRj3RWtCFJ_wInUPHLXqxOaLNBpJ9-8RIzfoJaxv_e5pwGHJvPJ5LMsa0pwKvBaVVy4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ3mL1uPRj3RWtCFJ_wInUPHLXqxOaLNBpJ9-8RIzfoJaxv_e5pwGHJvPJ5LMsa0pwKvBaVVy4

Request Chain 210

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHsx6QbPEzTpbD-4JUKnIXE&google_cver=1&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bbwG1VIlZTQmKoa6qIcnKwo_Utk HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHsx6QbPEzTpbD-4JUKnIXE&google_cver=1&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bbwG1VIlZTQmKoa6qIcnKwo_Utk HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=42b6ddd7-f111-4590-a488-df8693f819cb&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bbwG1VIlZTQmKoa6qIcnKwo_Utk&google_hm=KRPZSQEKSoKGTkXF7voQxA==

Request Chain 211

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEAroP4P-pMCKdPMaddwOYic&google_cver=1&google_push=AaAOQGHrvurzO8ylmil_WRgCTK5-XeLOQeHiIg8lBrZqMqUa78Ridv4s1HAIQZSP0FYx3tLL56N8YS2ipy7WCnUJCbAywMG0yhxMQRWYgmmtG5X0O2JWARQfFFxAF5rQkZXE9005ODLDMTSFs7D2KTcwAMWeO9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0Lhy9BM8BFry1UOsoStwX8o0AAvuiwP7SVA-gw&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 231

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 232

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1&google_push=AaAOQGERsY7fZ6F4OxdCUs53yN0YhX4Bt3xB7Vze3SSDz9GQDq36eZuxhE6uEr3OhwYXn0u84HQNIw4LfHH0WDFpfNS_0naC1iGptVU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

Request Chain 233

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUvAYEYJCdErxNojCtKZVU&google_cver=1&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_gaLnCYJHZRrt2Q2wt-lpXUjysa4MiTGQ_3FvS2rhR2ZFqg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_gaLnCYJHZRrt2Q2wt-lpXUjysa4MiTGQ_3FvS2rhR2ZFqg&google_hm=evBQJeR2Gq4jqGABMOUxgw

Request Chain 236

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZgbPnE0-3lYtVJew3cHSZYBv2ZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZgbPnE0-3lYtVJew3cHSZYBv2ZU

Request Chain 237

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPFRIMj-E8UnM9E9KFhbwF0&google_cver=1&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8HbonwUn_p0-1xzOlZi9NU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8HbonwUn_p0-1xzOlZi9NU

Request Chain 238

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEILu8MvIPeinTQsuy_LIyNc&google_cver=1&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EUd17u88X9qU8fvFnwb4sj98OF2YJ7a0Ak4W09at HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EUd17u88X9qU8fvFnwb4sj98OF2YJ7a0Ak4W09at&google_hm=Wks9XHsbQF-B_2iVI88EgRs

275 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hes-goals.tv/ 79 KB
13 KB 109ms
36ms Document
text/html 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33852fd93af285f5f764ba5a64a5dc274f176c9975ba6bfa26a18615fff7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7e21187ce8a66987-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Jul 2023 16:48:27 GMT
expires: Wed, 05 Jul 2023 16:49:24 GMT
last-modified: Wed, 05 Jul 2023 16:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0oFeGbw8piV0xOhphlKRdh2S%2B03rHeIV7SyfMXKLxcWL6OCjwXVBSdxuSzUo%2FaCFMsBOt1caiZjHKRx9BIpyhKHnliUgHhnu3fBPg9NG0oM0FlrnYh8vYsunxWWO%2B8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.css
hes-goals.tv/assets/css/ 72 KB
14 KB 30ms
29ms Stylesheet
text/css 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hes-goals.tv/assets/css/app.css?t=1688575699

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

251e698350d71b2099fca45f78c5400fa102df568973b193d25e7f79aea7e922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 27 Oct 2022 09:08:24 GMT
server: cloudflare
etag: W/"635a4a88-120a5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3m3qJarRNz9ux23Q1jifyq20ENtJrshIDEGOrimFL%2FUQajVgH1SEUXHoeZFJQrxUfrhnqRcHgkHWsdHItqqmrRXjclOu3GfrukKmKQhExSildEho3gsTkTKZB4K8iY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7e21187d38fa6987-FRA
expires: Fri, 04 Aug 2023 16:48:24 GMT

GET
H2 200 home.css
hes-goals.tv/assets/css/ 3 KB
1 KB 29ms
28ms Stylesheet
text/css 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hes-goals.tv/assets/css/home.css?t=1688575699

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeff21a699dabd0291e0f9677c7cdd5e198f2c70abcea9afe1329c4f9e528e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 28 Mar 2022 20:50:35 GMT
server: cloudflare
etag: W/"62421f9b-b86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAPNWfe7%2FD8L6HSEPtkXmtVAl4h%2FYvPLIJY5TkDus7boD7crVhBVz9aUNoGiOuGz%2FxCFnTqEHqV3pL4XiZUDCoQTW0HNr4Zwky8qA2b%2FErSlUADN9yGr2qNrg6Tk4dQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7e21187d38fb6987-FRA
expires: Fri, 04 Aug 2023 16:48:24 GMT

GET
H2 200 matche.css
hes-goals.tv/assets/css/ 3 KB
1 KB 33ms
32ms Stylesheet
text/css 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hes-goals.tv/assets/css/matche.css?t=1688575699

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d93b2ad3f1c0e8b5a43c517d409b28d015eb3ccd5f11beed827d6ecfbf16cf4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 06 Jun 2022 13:42:39 GMT
server: cloudflare
etag: W/"629e044f-cd3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnmwvJHhIYePGCPkUPt6exQ2f%2FpsokwEZaSw5PmQSQeZP4ggiikfghS%2BetC7NwHDtIDIhdMiz9Nlw%2FYbd9eKAkNL39iIz7UpPhruSh37W3qNQ9z0TegcUE4P9rKR41Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7e21187d38fd6987-FRA
expires: Fri, 04 Aug 2023 16:48:24 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 311ms
247ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1761bc55feeb90d28161e8cd9be009554508bff69eb35367bad32a600da940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H4EDNZTF1V20RR065X1PJ1Y3
date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 30
cf-polished: origSize=4392
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d58bae894b44cde53c852c82c52550c9-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7e21187d9cff1da6-FRA
link: <https://live.demand.supply/impl.v17.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/aGVzLWdvYWxzLnR2Lw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 magnetsspads.min.js Show response
mediation.magnetssp.com/bpads/js/ 11 KB
4 KB 317ms
242ms Script
application/javascript 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d0d800
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: https://hes-goals.tv
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: JaAFD9YGe5htt1HqgBSpnZRiOA85INbjxcy319581U21s9Qx4EgEag==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 91ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-262345773-1

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f491106c4564f17841d49d018efaf5e4671fe8b0200d2612aaf74d76a0320d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65215
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:04:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 16:48:27 GMT

GET
H2 200 default Show response
embed.tawk.to/62b84c937b967b1179968f61/ 2 KB
925 B 99ms
30ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/62b84c937b967b1179968f61/default

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef812cd33b232e61ac15a916b88aa527de30d12e88ae3cef5f56b6ef6f23d28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 663
etag: W/"stable-v4-64795e77f7f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 7e21187dfb0b9004-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 din-regular.woff
hes-goals.tv/assets/webfonts/ 63 KB
64 KB 30ms
29ms Font
font/woff 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hes-goals.tv/assets/webfonts/din-regular.woff

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fd8366f85ca9b53a88fba4c1a9a2a043d273e1152b923af231ebcd708fbb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2442969
alt-svc: h3=":443"; ma=86400
content-length: 64452
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 06 Mar 2022 19:55:08 GMT
server: cloudflare
etag: "6225119c-fbc4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmqgwMUvB8Zpg7ioe2XdMBlYGrD2IyvOj2DwM8arOM3BMDx%2BkqsBLk%2BMb0X2P3DJe8ftIxknRQ92eKKd0KoJVS3fQba2X%2F6P87u%2BvPVoHoWXOQZup5Zeogr6nP5sRQc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187d999c18e3-FRA
expires: Fri, 07 Jul 2023 10:12:18 GMT

GET
H2 200 39.jpg
api.scorarab.com/uploads/leagues/ 5 KB
5 KB 105ms
29ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/39.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fe8c33fe10e9e43164ef94d9a35b9a3549ef6501e0eedea8693f86cc3756d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 5036
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-13ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4R7TPGp4EnU%2B89ZB9MydEA0UH%2BboWBURAvJq%2BbMmjI75YnikNYnp7MlHH0V%2BfhS2Aa%2BovAfXIZt4Q%2Bp9eBSzOwpPWSPkBwLD1pfGPnPiK4AI07vdP6PcVWb4ZVVK1gxMlO7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e285d194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 2.jpg
api.scorarab.com/uploads/leagues/ 4 KB
4 KB 127ms
51ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/2.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd281e860ca39a5f29c0d3483ce6cf03ef62d263f901d8bb5f66eb21b4187b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 3887
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-f2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8Mhp%2BXITHx7YkOTLJD83VMKGlMoZBW4qRMizGJrUf326SlaBGBN1p1hW5LpQ7mqAVZ89%2BnyFhnRBBRq2shO8vLdh7HEqXwL8%2BmmoRRMUoHU8063cXK6vIdcVJ7Y%2Bul6BOzE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e2860194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 3.jpg
api.scorarab.com/uploads/leagues/ 5 KB
5 KB 129ms
53ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/3.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbfdba5871eaddafdcea0b9eaf328fb4c1fc338adf5526f7f991c3f087865c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 4618
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-120a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpDfUgzgXmtMc6qT%2BI8iHrNrwakl8jGAhYef1gSDYzFfToIog91EH8MQcluspTIKBMcY6uFIOGrUSaktqOnCqqdGRJhTfOHeAcYXI6XXaBaxR3TeqEcnySnpW5lzsYAMJwc%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4884194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 140.jpg
api.scorarab.com/uploads/leagues/ 7 KB
7 KB 128ms
52ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/140.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf923ba7808582538fe2d8b53ff2dba1a85df20156e67bb9284ff36f788f7023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 6734
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-1a4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbWfSQV7ZLdn38BNKoIdftgYZlkPV2OrH4l0zIXP%2BE%2FMmYHheIczpUYZiwmFnKVYAsNFZ2m9LEzQAlxcybXIkSxmmwEgvSLGj9BYOxqt5RyWzCs9VWAiYHdPqXx3Vkb%2FYZnG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4882194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 135.jpg
api.scorarab.com/uploads/leagues/ 8 KB
9 KB 128ms
52ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/135.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff24e055ee2587d6a90d6256a9aa1fb460ed6b4842a44bac39d81656959d7d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 8554
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-216a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrfTktMvwMAQ7IePqNOj%2FdHzwVKle76MLM1LJxbT0%2BGBAbLFGAPvz%2BFB25ajL%2BOP3IQKllQnJIUP6IEN%2F4%2FnmB1oTuIYXOEhqai63SORmDVnm98eesE0PDKHeWMY7ZkIefY8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4880194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 78.jpg
api.scorarab.com/uploads/leagues/ 4 KB
4 KB 128ms
52ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/78.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5304014e622ac98de071a2c770367be73b02febed61706a5570ec18011a896c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 4251
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-109b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE0%2BeEx1uG0FSrgJmJfWymr%2Fqj%2BDo9G3arhdl16NzO5D9dySEdFT%2ByLcrX9KLLUrlvr341lQGg1PTjwSm0%2FVZNszmAqP66AUQmQSOZA8GylSTpQGxKnEqKBQcE5h2Fb5j5AU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4881194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 61.jpg
api.scorarab.com/uploads/leagues/ 8 KB
9 KB 45ms
26ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/leagues/61.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62bf4b5a9f50e5f894564da29105683eddc709f3511c08fe628db41dd52d9c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 8329
last-modified: Wed, 08 Dec 2021 16:51:21 GMT
server: cloudflare
etag: "61b0e289-2089"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KanCgYbEsgKZlPRtRBN7nULSrd9CLHKUENUV955o62RJPKJAXRIp0LgNnOp%2F23WlF%2Fh2ZGHHXr%2BCeZpEPSiunS6qTWug07Me%2BrpsAgSn%2FtMWIJdnb2JZFSqDtkYVmUrokZ1q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e2856194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 529.jpg
api.scorarab.com/uploads/teams/ 6 KB
6 KB 65ms
45ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/529.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd1336841f9b6a47bfefd1304c8f86d2a04a768358ef88a6144130074555e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 5713
last-modified: Wed, 08 Dec 2021 16:51:22 GMT
server: cloudflare
etag: "61b0e28a-1651"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7ZTeAHdPBBC9wTzpOBTsgRogUoZ849NI%2Fpmu%2BDSmzuE%2FYvb%2FhVU0AbOUw%2B3F%2F9zuLKqtn6l7ryBN1k4EZGKHFLUOrxaazU%2BSJABdZ%2BmhI%2BFPNjLmsTVgjusWB5wl5CPIT5Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e285c194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 541.jpg
api.scorarab.com/uploads/teams/ 8 KB
8 KB 47ms
28ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/541.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b209928f54d5bab5517ca9dea9af1f2675bce2d98c96203a82b756e7444d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 7914
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-1eea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I52XU6FoNkhXg65zSCtZrGWKgjCwiZ2%2BoFEQ3P0%2B4iRsvCEl%2FGP3xO0flYDU9pYf89vVVmw3c2jVHPFuhTRgrHkBOkb5w%2BI6jBx14FQtgX0vO6wN3A%2BRmQRfC5S3GQL5IzLW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e2858194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 85.jpg
api.scorarab.com/uploads/teams/ 10 KB
10 KB 52ms
32ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/85.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32ab67033bbf505e26b3abb5317160c34ccc866bcdcecb84014c26a75ca7e582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 10291
last-modified: Wed, 08 Dec 2021 16:51:24 GMT
server: cloudflare
etag: "61b0e28c-2833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3l04%2BAWvEiICRTGqwgt6HmfymHAI%2B3HNwB1qlOgVkvoqPCbcoDb28UNlG%2FwG1EM0GErr2NnummghD5IHwS6SjBq4jp65bKPo1kyg6VZz%2BxbFOgLD09wZF4c%2FNDFm5EpvuXm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e2855194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 33.jpg
api.scorarab.com/uploads/teams/ 12 KB
12 KB 69ms
50ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/33.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e635e6c39fcb9637407a910b39111671ba82d0f9380cb7f83b0d48548d343bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 12373
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-3055"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdonoZ3xXnJa%2FCquoFrvZh%2BpvyUKQAN%2FUmdh1AoGsSs2LR5Aop%2BUlq3d5EMmCb2j2A1clJvqU5KdbvPwKBtUU%2BFEAsS5OXo9nUkxpFDMausUo%2BjZY2AzmhVksa5GKxOSSdOU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e285b194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 50.jpg
api.scorarab.com/uploads/teams/ 10 KB
10 KB 49ms
30ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/50.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 081fa2dae56dba7ea3b94b69124bf7dac4bb19691146089ecf8c8cb91d764569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 9972
last-modified: Wed, 08 Dec 2021 16:51:27 GMT
server: cloudflare
etag: "61b0e28f-26f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSiEmaB2TP%2F7aqjn%2F7m3e85VZeZrHbxQefTLD0HwRZWkbPH%2BaoiMYhGY589VMbi0IBKeWEdVnrkaBRMNZzFFk5BDq498%2FrZo0eNr0useN%2FjoOZO228pL2g17b%2Bb0HqMbYzk6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e285e194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 42.jpg
api.scorarab.com/uploads/teams/ 7 KB
7 KB 71ms
52ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/42.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4afcd9f5c6ed612b8d826b1cab671242751bf28bb91a2f321f91d40722a4696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 7233
last-modified: Wed, 08 Dec 2021 16:51:23 GMT
server: cloudflare
etag: "61b0e28b-1c41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAv22BIxvuXd11fA%2BC29bTAyUxXTaT%2BpLY%2F7zM%2B%2FLReETdKLBAB5UCLI86N%2BMc7fOSAshoUQA%2FJRXlq6ao%2BHYQfswZDeIxcqxF3xGlOAQLMsjJlUOJ77uzhJ3ccc1M%2BlT1u1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e487e194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 40.jpg
api.scorarab.com/uploads/teams/ 10 KB
10 KB 43ms
42ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/40.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2b45b99a2c8cdb8ee20b4a1ab53375594044248f7d33070b636ce06d11bdce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 10285
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-282d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFr1EG3%2BsxvVqzoMgs0Aw8YAmqY3qNATO%2FQB63BcNfiY%2BhZgPzx1g18YEqo1l27gEw%2BPQ3D8iAo6EJM5tDJV2axevkVpsb0otKIURLn45HDb0BC8a%2F61iIZ25Gn%2BXvSTHQ%2Bu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4887194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 49.jpg
api.scorarab.com/uploads/teams/ 11 KB
12 KB 44ms
43ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/49.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0fa1432d03ea6463f191daf6cba5087f6a3889c94b8dc231f992c7474e0a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 11673
last-modified: Wed, 08 Dec 2021 16:51:25 GMT
server: cloudflare
etag: "61b0e28d-2d99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XTwkdyX%2F6fs20GnnkHua5E1k4YUxc56%2FPcC6CTezoXMYDS%2FGHFmqHcLiMhT7vDh9nWuN5oPY3wFWNnzi%2FP7p7saaaYOdFWneRbGqt9xcngGL%2B3cyDYUa6GKA3mfDDxcr5T4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e4889194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 489.jpg
api.scorarab.com/uploads/teams/ 6 KB
6 KB 44ms
44ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/489.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870fe3ad57f364db1b1d4376a052dbc10e9ebb62f59e389e075fe3b4e7c1ac94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 5663
last-modified: Wed, 08 Dec 2021 16:51:25 GMT
server: cloudflare
etag: "61b0e28d-161f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9InTD0fwKmgkClyDezqyM2nyAl6Vi0d6tA1EozcTm4ZaMyPVMnQEI4Uv6Wl0UsvKSC1bn04gaSXi9huXrvlbkY9f8D6r3xyLMn80JoBD843Ym8et37iRzjnE28vSk0HafGB%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e488b194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 505.jpg
api.scorarab.com/uploads/teams/ 5 KB
5 KB 45ms
45ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/505.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84eb928b53866586291fbc8dd8fce5ab58341fc0e46afc858f2436350b71f80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 4746
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-128a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HCP36ic5H46Aqej9rA3c4t%2Fvkb0LhhnJrlm3FrKQXFkPMzHYpsIUFtoup0%2BeD3IEnliRC5t4MG%2B6eq5i%2FnzzzADetNJI1S6l4eFkiROWNTb88RZi6mMefvHoqX8WhhcMTsu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e488c194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 496.jpg
api.scorarab.com/uploads/teams/ 3 KB
3 KB 44ms
43ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/496.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78007c2c998efc58a117a755e2151f0b3db2f5b7e21c8a960b2384287d424411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 2852
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-b24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyKHo2dOSWtfXhZPKC8kT42%2FS0bDe1dO%2FBdT5yHPhwidGK2DTsOXpK%2F%2F1MNesGjpU1cQLZngFlt3qkOnDii1NzXstFLvAByQ4V1gzZZmZUMcRAdSk728T7KmE49MY5N7Z7WG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e488d194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 157.jpg
api.scorarab.com/uploads/teams/ 8 KB
9 KB 45ms
44ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/157.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aaa92dcc869c3873f221c39a6e2e3da467946be14d5dd7a3c376e6f0a89c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251290
alt-svc: h3=":443"; ma=86400
content-length: 8388
last-modified: Wed, 08 Dec 2021 16:51:26 GMT
server: cloudflare
etag: "61b0e28e-20c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvTfi%2BQfj1V0aDk6JPWioAuq4rb%2FdRqseRS6d6vB9Zm33%2FTI9%2B1h8CLjQSKaroj2QflEHuj61NdJ8Dq66y%2B%2B8teHdn3w6mwYyfYp6jhU9kQu7tN1garReZ4fDYlpKWoFv2sQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e488e194d-FRA
expires: Tue, 01 Aug 2023 19:00:17 GMT

GET
H2 200 165.jpg
api.scorarab.com/uploads/teams/ 7 KB
7 KB 45ms
44ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.scorarab.com/uploads/teams/165.jpg
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e22df30974dbc894ac8902a184d73fab4bac48257b32e4dba9a46b4c6e3ac31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251171
alt-svc: h3=":443"; ma=86400
content-length: 6806
last-modified: Wed, 08 Dec 2021 16:51:25 GMT
server: cloudflare
etag: "61b0e28d-1a96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO40fUEzD3S1S%2BbBz9hWwMoUwrFTQbicmGumG%2BQamiJnv5HiRjl6oFsIE50tIDSunisPxTxV%2BJ4HwJCXmf7GhHl9tgfgy0KJuTSZq2jnqS8HRIfwm83rs71j6%2F1Uu%2BB6sHJ1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187e488f194d-FRA
expires: Tue, 01 Aug 2023 19:02:16 GMT

GET
H3 200 1.png
hes-goals.tv/uploads/img/post/ 565 KB
566 KB 34ms
33ms Image
image/png 104.21.235.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hes-goals.tv/uploads/img/post/1.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.235.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f18028a8c8f9685c4c8b79a102de82aefe1786bc627d1af57db26834903e1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2442969
alt-svc: h3=":443"; ma=86400
content-length: 578478
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 05 Feb 2023 01:55:04 GMT
server: cloudflare
etag: "63df0c78-8d3ae"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTFkxlozNhQCBfSJlaUqjT2hmmgW5RZbf39tQv267p5gXTkdUQLvl8Igoi%2Fa5f0cW2Pcx4Gnvf5Znj14e2THLf0l69BZ%2BEcviRelc1UcI%2FvjwiFCYS7MSH1iNT%2BDYuI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187db9bd18e3-FRA
expires: Fri, 07 Jul 2023 10:12:18 GMT

GET
H2 200 2023-07-05 Show response
web-api.scorarab.com/api/matches/ 7 KB
2 KB 144ms
81ms Fetch
text/plain 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-api.scorarab.com/api/matches/2023-07-05?t=48

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb89e8e7f3b2aca3261b9b82d5712d14b4a44d30e3823b2a452114ef31d7f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTEMYPBhlZr5vmmKbs%2BOXG%2FEGJiIWrs1wcPqEo%2BP94G1WRiGKipeAeEhGZoLHdFhS8vEJPYXALxRk9jQlZHvl18d6UoSngp7Z0HoqBLQx5Rwg22clVCyk%2BmO2jUCyQYS4cY%2BK%2F5wYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
cf-ray: 7e21187e18f892b4-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Wed, 05 Jul 2023 16:49:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-098V1SPXWN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-262345773-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76a110577feffe879a6a5321da0f937b26f6f779b35891f882896abcdde3cba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jul 2023 16:48:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-262345773-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 15:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6226
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jul 2023 17:04:41 GMT

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 8200.png
web-api.scorarab.com/uploads/team/ 18 KB
18 KB 172ms
119ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/8200.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c7c259204af647ab87fff5af225230b7c086ff68217fb411d4bcd7a4c6a91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 17929
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:43:30 GMT
server: cloudflare
etag: "64a48472-4609"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR%2BJbRIJihExXEJrSZXsA1BzyqV8xLEi4ysCihzRJxuVf3jrccGwDKxzaN0QbZjKR%2FAaT9ZT6TX6zHcrQ6VcJNmvH2nicO6WFbgv9Qv3UzUOA32HlKdls%2B%2BRinpEy0IFEZgCAc8VtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ceebb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 8190.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 172ms
120ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/8190.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f8164fc4d266417200fa79515999810bd90f88c2e7ff2b92a8de8a5a9e9e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 2845
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:43:30 GMT
server: cloudflare
etag: "64a48472-b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyuQjiln3UgCt%2BKziFNmO4VpWXj16PvlN8oEa16eNp2P5LCZRMUATcbktpjDsg0yBH51YKoumsabf3C1eyqQsWgbebobNNbGLz7%2BVGMNamk63v106efbkch9p2dyCC4SD4MkvVGkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cf3bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 1557010589.png
web-api.scorarab.com/uploads/team/ 4 KB
5 KB 169ms
118ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1557010589.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24b97eba7a64f23317020f937bf3852cf87bc699bca89c65df2893773654d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72426
alt-svc: h3=":443"; ma=86400
content-length: 4438
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1156"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0VoJPYdsMIAVywFa18jnpW0zRr8v1d%2F3RSFft%2B%2BxOP9GezG5LcnVL%2BGFx4c9GOlcPv%2FrLaLkqy4fSGqLKbhFM%2B%2BFy9iV7jKhBiVCo5KeXER%2FqHM5eNRJiGu5dWPcD4jO9LX6Hj4NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cd5bb65-FRA
expires: Thu, 03 Aug 2023 20:41:22 GMT

GET
H3 200 1566243393.png
web-api.scorarab.com/uploads/team/ 13 KB
14 KB 149ms
98ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566243393.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc1555887b8868234b3d67cf28cda945f83e7bef9dbac50e418091f1cac9ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72426
alt-svc: h3=":443"; ma=86400
content-length: 13582
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-350e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geuddScH3oXVCidcS6GX1VNH61U619%2FCoGKaHzb2LEdpaziJj5b2UYtaepJUAulsuUM2oZ4EGXnO%2FvHfZLQwL%2BoY5YEJ6xDDsJTJk%2FmFxXoiTp9Jo3YCBiN%2BfPogaLUAh45ymYqdWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce6bb65-FRA
expires: Thu, 03 Aug 2023 20:41:22 GMT

GET
H3 200 1563975183.png
web-api.scorarab.com/uploads/team/ 6 KB
7 KB 146ms
95ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1563975183.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4ee6fd5625e3388a2180c439508e6bd7e1affd4b7a74e23a02ea735253296a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251648
alt-svc: h3=":443"; ma=86400
content-length: 6603
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-19cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIY3iSRFxn45yYYDsIpSVKGd8yhpayIwqHVFixsRSd1dm30di7RjBzHhi0L2LGpKuGMw%2BdY%2FeQWot%2F9oUrNwLUoda1x2bZXuz7z2LZCzNo1kjTAaRsTfXMIYxWwM3ynL6xjBmjHTBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce7bb65-FRA
expires: Tue, 01 Aug 2023 18:54:20 GMT

GET
H3 200 1563975286.png
web-api.scorarab.com/uploads/team/ 22 KB
22 KB 134ms
83ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1563975286.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416e4d0f6bc2bdddb348dcf8fa16b87e698b0c3a40e42303298b9ef8683ea200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 22459
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:40 GMT
server: cloudflare
etag: "61b0e620-57bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j24AUPsJAdkPhdYAZuHmPGdS4HWuKRI3wVYAgGAwyjRE2uxsNTfQfLBfeEB7uH842Y6WVOJKeaf0agVUXBxOXPvDrHvENytsrXIqPpufRU4myXP6pDBJ%2BNsClcx9GIKUGvXEPbr6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce8bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 8224.png
web-api.scorarab.com/uploads/team/ 7 KB
7 KB 147ms
97ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/8224.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c593439d52db01fdada987d794fdbebca4c3057c4189f382e9030a536e33ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 7059
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:44:01 GMT
server: cloudflare
etag: "64a48491-1b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjRGeMvWxxLtDtP%2FuVDtNUOo5dn%2BjDAZYYQIaupv1CpP30%2B4yOa8YXSOiE3Bc9fAnuGjQdRz3RfRW6Qjk5CBPt1AxOzGusUXl1ThOGo%2FycxeJl8sdQskNKJ5xhUQFb3Bs5cnYKlx%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cd7bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 8228.png
web-api.scorarab.com/uploads/team/ 13 KB
14 KB 145ms
96ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/8228.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f920698736a8067fc75fd59138bd0d610f01d8dbf4f0ca6db7110b9e3970200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 13615
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:44:01 GMT
server: cloudflare
etag: "64a48491-352f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hvAFCinNH9OK8%2F4wfYAc%2FyDaihosCeXomkVpVzEWWQlq7F6vYJ2qRB2f4u8Qsu984qmmIch55oNu%2BoH7kns597TU0p9eyXuFihq1JEQNR9x8W8SgoFhR1b0hX3eRS4%2BOq4YdwWQKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cd9bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 1566245104.png
web-api.scorarab.com/uploads/team/ 8 KB
8 KB 80ms
31ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566245104.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9af2879b74e7fdaedf2ba271f9eebf592a7068f8a48bae63693ec9e45d2efbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71417
alt-svc: h3=":443"; ma=86400
content-length: 7820
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1e8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQmMSgsgs3AZRcsTMtOUDnJVtox0CClUR%2BmMnMphfiEBln8YuGWQnpyGOPLCyV72Mr7g7gWYAPSadzuQBpYnSf1n1E2MUA1wG%2FnxZPbwKf4FXixIVFsaJ0tpv7NDgqIeKD7VCLkDgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cdbbb65-FRA
expires: Thu, 03 Aug 2023 20:58:11 GMT

GET
H3 200 448.png
web-api.scorarab.com/uploads/team/ 16 KB
17 KB 80ms
31ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/448.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c3f51b47bbb58a51f038cfd86c6222d614ff7a586d931daa99d58ab1b11fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71417
alt-svc: h3=":443"; ma=86400
content-length: 16855
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:55:32 GMT
server: cloudflare
etag: "64a48744-41d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvL4UiqttnToxUr9CN%2Ba6XIhHkXXbnFndDVnbbRtbrJ9o9vu%2B2CCyXw9vExaQyq%2F7%2FxTtyEZyiDKbHAXhij1aLWbwXKMD3Ia1DMjQP0f6WyGw0t3SwGWz%2FwP253J8rarh3Hq3chqsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cdcbb65-FRA
expires: Thu, 03 Aug 2023 20:58:11 GMT

GET
H3 200 441.png
web-api.scorarab.com/uploads/team/ 18 KB
19 KB 103ms
54ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/441.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f05360cfc3cd26232144b02b779fb3b5a43d49c0f32ff4cee143483fe69566d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71416
alt-svc: h3=":443"; ma=86400
content-length: 18787
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:55:44 GMT
server: cloudflare
etag: "64a48750-4963"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5XvSuhWRF118xof3%2BrOmW1uby3gvqTpdnVROP9cH3RFp%2F%2Bco1nxlSpJhya9ZAuydlefrmK%2FckrIyikPIkGcc2Wj5jYQZqohByA50yyDHj6UNTISwvTnmKyAfUra9quBVUsnaN4HfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cddbb65-FRA
expires: Thu, 03 Aug 2023 20:58:11 GMT

GET
H3 200 1566244593.png
web-api.scorarab.com/uploads/team/ 8 KB
8 KB 131ms
82ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1566244593.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf7cc0ceb592620be8a91d4cd7658e166f9f1bed4423d584632d9fe5465696d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 251571
alt-svc: h3=":443"; ma=86400
content-length: 7712
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1e20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkHsmX0FUv0Do7nnygvZsRkgObQ56Q%2B2Z9s0hSDyCsahkk7yFBQ9ZHLXwtuzMYR1rBh9ZNaziWDDWBOSgAgKKSgnlonw9nKZd%2FcGp6MAd50WFxHNqo%2FcheC78hT3WYk%2Bnv0oAM0U0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce0bb65-FRA
expires: Tue, 01 Aug 2023 18:55:37 GMT

GET
H3 200 1664238907.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 132ms
83ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1664238907.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642a0bd8ae906593d947df50fe877f4055de38b225a0c41c42aca1636efa5c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72277
alt-svc: h3=":443"; ma=86400
content-length: 2715
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 00:35:07 GMT
server: cloudflare
etag: "6332453b-a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPoUsv3EXFYu%2B2VBJrXDSE88S544GEyGPJWfJktdwlQ%2FWVMrKYYGpn1AU0ktvQjrDZNtXhv%2FkRzPV0ITD6eXSJyxpazzNIDMcuMPXZ41aXFRdayXopXo2sl83v3QjbsKWfYHEah2JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce2bb65-FRA
expires: Thu, 03 Aug 2023 20:43:51 GMT

GET
H3 200 1679937277.png
web-api.scorarab.com/uploads/team/ 3 KB
3 KB 168ms
119ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1679937277.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc6468a3e77397fedf2e7befb19600dc7111f3f7fc165a08f7b352ac6997f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72277
alt-svc: h3=":443"; ma=86400
content-length: 3024
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Mar 2023 17:14:37 GMT
server: cloudflare
etag: "6421cefd-bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWvQTEiftccBMJmzThvfz9OhA0XV3wHNedI0mu6Qg1Z26FKpmGKX03TzXxL3wfmpXwWsrLv19KDBON4y2fn6q4C%2BcKmt19eqlJ3bvw7aKtbCJatpt6sIKERLQXU%2FXNDU3doEjItoyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0ce3bb65-FRA
expires: Thu, 03 Aug 2023 20:43:51 GMT

GET
H3 200 1655156961.png
web-api.scorarab.com/uploads/team/ 3 KB
4 KB 170ms
121ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1655156961.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b115ab2bfee0ecb367bcc5a4870cac98d54aa613c73dd6a79f9be6bb2ccf362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 3113
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 21:49:21 GMT
server: cloudflare
etag: "62a7b0e1-c29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0KKxnaF%2BL77dDHV71NftlO4XK6NRaVMgCPkGAbKQcakKfSWR1ume%2FtpCn0FNFU1f8eQviWxsRsTuoA7TlmIxVk7uGTWSYngNZRKKQBoFX5oUIPHeEJe07VWL5pkBeCPESlFkURedA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cf5bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 8117.png
web-api.scorarab.com/uploads/team/ 6 KB
7 KB 170ms
121ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/8117.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a192048906ff3ff26b970b22681b6f995bc963f1952fdfd7fe2fe8447deeee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72148
alt-svc: h3=":443"; ma=86400
content-length: 6221
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:43:22 GMT
server: cloudflare
etag: "64a4846a-184d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLO%2Fusy2PR3RJPgxOg4oSm6HLOugp2g%2ByBBA%2BkEygyPxOt5cPmMgsSD%2Bgd%2BZCyY77rXIYABDL9kIJtWVYQXgW3%2BHOKuBK5stjLGcSxqtKLefYXHzMDa7QLTB1w%2Fd6hsGv7PzwD9pxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cf8bb65-FRA
expires: Thu, 03 Aug 2023 20:46:00 GMT

GET
H3 200 1610.png
web-api.scorarab.com/uploads/team/ 88 KB
89 KB 173ms
124ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1610.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

798216b41863d068ba10c6d81dff0e44f59cca71f4e0761e160934774d0aa777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71694
alt-svc: h3=":443"; ma=86400
content-length: 90381
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:52:58 GMT
server: cloudflare
etag: "64a486aa-1610d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU29j%2BO8xjZqfXd0pi0wJPgXJypDHwzQxyWdecU%2FdFyDWaifVqmkYzHUKpimy3KxrzsncB3n2JneVCu86bNVDSTRQllLSiF4YlMoUgIglvHeSYvIF3jKZQCvMbjmp43Gd7MypPfmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cfbbb65-FRA
expires: Thu, 03 Aug 2023 20:53:34 GMT

GET
H3 200 1617.png
web-api.scorarab.com/uploads/team/ 88 KB
89 KB 193ms
144ms Image
image/png 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/team/1617.png

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe98d3a5568bb80babecb5a468ae76be08171334656bcf826779951b5cfa415e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71694
alt-svc: h3=":443"; ma=86400
content-length: 90381
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jul 2023 20:52:58 GMT
server: cloudflare
etag: "64a486aa-1610d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjGaimpe2bhF5zNZ9XI9THNY5M2y9VU1Y7GEhr1VmRG%2BRcC%2FW%2BIVJq2M2bfBh9VVGviXo1yRUaJdZATn%2Bo1WwlCXk50ll19T9RcsIiY8g4HTvm%2FR8nJ93h%2FMFCmoBlFVwi%2B7cPuv5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0cfdbb65-FRA
expires: Thu, 03 Aug 2023 20:53:34 GMT

GET
H3 200 1624841792.jpg
web-api.scorarab.com/uploads/league/ 7 KB
8 KB 207ms
158ms Image
image/jpeg 104.21.4.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-api.scorarab.com/uploads/league/1624841792.jpg

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bbf7ee31ad3e09d42ecd4b3458b9e06113d0c9744e26289db7da1b8fd557ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 209206
alt-svc: h3=":443"; ma=86400
content-length: 7332
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 17:06:39 GMT
server: cloudflare
etag: "61b0e61f-1ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpkBIHo4eBm%2FgM9MhXobenMm0lpfpa6XWz9qllUhF7rQLlJn2VMDurniluoaunN4ltcljsoS0niGfum2z3BL239UMsWuBUj0Ei7rvPkHiiK0hm7%2BgJ9ozLAi1n8SOPVC4GJk%2F65tfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7e21187f0d00bb65-FRA
expires: Wed, 02 Aug 2023 06:41:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 79ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-098V1SPXWN&gtm=45je36s0&_p=367701350&cid=37944306.1688575708&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1688575707&sct=1&seg=0&dl=https%3A%2F%2Fhes-goals.tv%2F&dt=Hesgoal%20TV%20-%20Free%20Live%20Sports%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-098V1SPXWN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=367701350&t=pageview&_s=1&dl=https%3A%2F%2Fhes-goals.tv%2F&ul=en-us&de=UTF-8&dt=Hesgoal%20TV%20-%20Free%20Live%20Sports%20Stream&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=927439560&gjid=1653630246&cid=37944306.1688575708&tid=UA-262345773-1&_gid=1322896429.1688575708&_r=1&gtm=457e36s0&jsscut=1&z=659505285

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v17.2.0.js Show response
live.demand.supply/ 79 KB
26 KB 35ms
34ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.2.0.js
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3c9c69544c839d178db96a6e58336a41fe05d41cb6de5ec0fd85e9fa6f3cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H4EDP04MJTDMT3KTECWRQF8D
date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 169446
cf-polished: origSize=81492
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"33f2af6c78516d6a2da103ab1a708917-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7e21187f2fc61da6-FRA

GET
H2 200 aGVzLWdvYWxzLnR2Lw== Show response
live.demand.supply/p4/v16-10-0/ 1 KB
765 B 160ms
159ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/aGVzLWdvYWxzLnR2Lw==
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccadf91ea6b253cde980f628757f2108644f3aceebabff1f109f87ceb713fdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7e21187f2fc71da6-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 151ms
124ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=312&cs=c&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GZTVS3SE256M8E7S3AZNXWYY
date: Wed, 05 Jul 2023 16:48:28 GMT
cf-cache-status: HIT
age: 2584121
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e21187f5e046916-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 171ms
93ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd9c6fbad9f836bf9779d5d585cc45d2604c454d0b2bd9d46923ba8c5cfe202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26361
x-xss-protection: 0
server: cafe
etag: 325 / 19543 / 31075788 / config-hash: 12539050402590311780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
621 B 142ms
115ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H3W9SP1M2K5NDSY1TBA5Y2KM
date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 634329
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7e21187f5e066916-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 141ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d0d800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

771f240b104a02793da605bcf6c5d4c3c7760d5f315a7736a7e8a355fdfda51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48940
x-xss-protection: 0
server: cafe
etag: 2048465663981942379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H2 200 page Show response
mediation.magnetssp.com/bpads/ Frame ADCD 2 KB
2 KB 200ms
148ms Document
text/html 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d0d800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: c6e448c90506bfb14bbb711d307a2e4f6aa79062fdc35c8224e1849c76ba368a

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Wed, 05 Jul 2023 16:48:28 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-cf-id: P97qvLM4a3wdnCdwLR6-o20WRe1GDQW3eIiUhdWbxfZmML8r0dxq3A==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 148ms
90ms Image
image/jpeg 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d0d800&request_id=H5GN1p5a8kQvCv-YkPwjTf9cyRq7NqC1&client_ts=1688575708062&os=&lan=en-US&sdk_version=v1.0.0&page_url=hes-goals.tv%2F&events=%5B%7B%22idf%22%3A%22F3FP5q2ZAdRwCv-Xb2E47ohMzIjLLwK2%22%2C%22gen_ts%22%3A1688575708062%2C%22evt_id%22%3A%22MAG_FIRST_OPEN%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22OPEN%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: k6OgMQV9BtiFlwKo6etDx6z2OtYR9L7gFhveoioUqCLDSYCatSP8WA==

GET
H2 200 bpads
mediation.magnetssp.com/json/img/ 823 B
1 KB 227ms
170ms Image
image/jpeg 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediation.magnetssp.com/json/img/bpads?app_id=1a00190d4d0d800&request_id=E2EK5s2c6jVxGz-LPHyuE5fvJXT0jcnR&client_ts=1688575708062&os=&lan=en-US&sdk_version=v1.0.0&page_url=hes-goals.tv%2F&events=%5B%7B%22idf%22%3A%22G1HK4l1b7hUtGw-ieVbXAX557OrFfdS5%22%2C%22gen_ts%22%3A1688575708062%2C%22evt_id%22%3A%22MAG_SDK_START%22%2C%22cat%22%3A%22MAG%22%2C%22sub_cat%22%3A%22START%22%2C%22data%22%3A%7B%7D%7D%5D
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:34 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: DpG4LH0zg-BSysbfH40pCKJdjygONKekPintGK0vxaZdGsFPQNz0eQ==

GET
H3 200 hes-goals.tv_fluid_lb+sq_fluid Show response
live.demand.supply/cp/ 29 B
375 B 249ms
244ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hes-goals.tv_fluid_lb+sq_fluid?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a725e32f71488cc1f0cb0e25b6f3a4ba8ee76a8218c5e7969d4b9dee002bb4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7e21187f8e586916-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 119ms
115ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H2RG4DQEDZPWHMP3AHGYMHTS
date: Wed, 05 Jul 2023 16:48:28 GMT
cf-cache-status: HIT
age: 1889880
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e21187f8e546916-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 11:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19380
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Jul 2024 11:25:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 344 KB
118 KB 138ms
86ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=hes-goals.tv

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40d116f6e6bf9b32cbfa92d9192dc17522dd56764750a1c2dbd17c64913a051e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121156
x-xss-protection: 0
server: cafe
etag: 10839963718223986590
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame E36F 10 KB
5 KB 79ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 17:33:37 GMT
etag: 12368291122986407432
expires: Tue, 18 Jul 2023 17:33:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 page-XCXWEUPF.min.js Show response
mediation.magnetssp.com/dist/bpads/js/ Frame ADCD 14 KB
5 KB 97ms
96ms Script
application/javascript 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:34 GMT
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:54 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: jQ1xtMfiApiTRkj0BWpPYVbq5rWgNvXYg-9BbhYWMrJqL75pVnWRiA==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hes-goals.tv

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 68ms
21ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19717
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 147ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Jul 2023 16:48:28 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 79ms
24ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 75083
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e2118817f0f1c01-FRA
expires: Thu, 06 Jul 2023 16:48:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 103ms
34ms Script
text/javascript 18.155.129.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-34.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 56d390c8b33724e3b76fca72a585f516.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 49461
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: kZBflUrlQBhCx67zdTaOGbONwIEza5X1XjmTZ4Q-3YZ7jEiepakNxQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 74ms
19ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:42:24 GMT
via: 1.1 google
age: 364
x-guploader-uploadid: ADPycdtANF4QoMIRXomPHZLLv4Xq_VGYq2YVsGnisg3m6UhUjK4Zgvfq2jCBJCcY60wdm4FJeXlYOEMudquE-FWCMnTN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Wed, 05 Jul 2023 17:42:24 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 71ms
19ms Script
text/javascript 2600:9000:2250:d000:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 05 Jul 2023 05:33:17 GMT
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 40512
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 6gkk_XU7FOzOulGH5rO8e-yihNpeMLyI-7C5xLopyFgx08_kCoYFOg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 103ms
42ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 7K31B1SBF214GTBQ
age: 1908
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e2118818ffabbd1-FRA
x-amz-id-2: e3bzHDxJ/gGu3jgSwzlpMAnHxVi64l2r1kEpNHmt8TNQGwqCCSRzYsoGG4zoKvdKxOzYBUf19Bs=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
879 B 1077ms
1076ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2371316093786648&correlator=4353171211813328&eid=31075788%2C31075029&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C85d2df24-6763-4837-bd8f-0a931a810db3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1197378324&didk=17098578&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D14%26bid-p%3Dgoogle%26bsc%3D78&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688575708340&lmt=1688575699&dlt=1688575707700&idt=597&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhes-goals.tv%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqJnSt5IxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiomdK3kjFIAFICCGQSGQoKcHViY2lkLm9yZxinmdK3kjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqJnSt5IxSABSAghkEhcKCHJ0YmhvdXNlGKiZ0reSMUgAUgIIZBIZCgp1aWRhcGkuY29tGKiZ0reSMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqJnSt5IxSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43e5ef4e08adc47c6cd09cccf45a037743c09fc5c97250fa324706c80d8f046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 848
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BCF 6 KB
3 KB 313ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:28 GMT
expires: Thu, 04 Jul 2024 16:48:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 37 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl_page_level_ads.js?cb=31075788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 11:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18686
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
server: cafe
etag: 4037606220920726119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Jul 2024 11:37:02 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 114ms
114ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hes-goals.tv_fluid_lb%2Bsq_fluid&pdc=0.9250523567199708&ucv=null&e=tcp&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GZTVS3SE256M8E7S3AZNXWYY
date: Wed, 05 Jul 2023 16:48:28 GMT
cf-cache-status: HIT
age: 2584121
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e21188158e66916-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 215ms
214ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2371316093786648&correlator=2970093041275078&eid=31075788%2C31075029&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C342a4377-d585-4986-92cf-9a4ad02dd705&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=3769805009&didk=549048309&sfv=1-0-40&prev_scp=ti%3D24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc%26chrand%3Dy%26pof%3D0%26bid%3D0.39%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D78&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688575708374&lmt=1688575699&dlt=1688575707700&idt=597&adxs=119&adys=103&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhes-goals.tv%2F&frm=20&vis=1&psz=1400x116&msz=1400x116&fws=0&ohw=0&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqJnSt5IxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiomdK3kjFIAFICCGQSGQoKcHViY2lkLm9yZxinmdK3kjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqJnSt5IxSABSAghkEhcKCHJ0YmhvdXNlGKiZ0reSMUgAUgIIZBIZCgp1aWRhcGkuY29tGKiZ0reSMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqJnSt5IxSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4036a7185b162d10f29251fd3a9cc441dd9231dd1e04c31db545d39581ccf40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10786
x-xss-protection: 0
google-lineitem-id: 6322389315
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138435883103
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mediation_configs Show response
mediation.magnetssp.com/json/ Frame ADCD 553 B
1 KB 59ms
59ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_configs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 22c4ecbc437ca2d24fa436ef7c1636b6e2dd08f8ed35d7dfaf4966f2e5af7a03

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 16:48:35 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: 09HUXuhDzSPu2tiaZUUBw0mdpnXF5brIX0kKYaIMJCfveWBzF7YXFw==

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
314 B 41ms
40ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 85b11773eb90e2899f2944954ba836cc43c0535a1cbc05e75cbe8f54aa87706d

Request headers

Referer: https://hes-goals.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 87a1c4fea0bad3b1802c795bab022167
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 248ms
42ms XHR
application/json 54.171.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.151.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-151-8.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 410caaf712162d6c453260d9907e548a53092ad3a86b1f019d9867aa6a93b8b0

Request headers

Referer: https://hes-goals.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache
x-server: 10.45.1.118
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
321 B 217ms
21ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hes-goals.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hes-goals.tv
date: Wed, 05 Jul 2023 16:48:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A4B8 15 KB
6 KB 103ms
33ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hes-goals.tv

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 314286
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame ADCD 35 B
600 B 92ms
92ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: lIdTqkOTuSntHP7EGwZSxH87uz2IfI6e1nTec_eRQ11xhAfS2kTLwA==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame ADCD 35 B
599 B 86ms
86ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: HnsMBTfoNXKa26AhOCCyoTQraRX09E4xArilGhIIm0-QNQf-Nw_Ljw==

GET
H2 200 afgegg Show response
www.boomplaygames.com/ Frame A98B 4 KB
2 KB 166ms
83ms Document
text/html 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/afgegg?at=1
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/bpads/js/magnetsspads.min.js?id=1a00190d4d0d800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Wed, 05 Jul 2023 16:48:28 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
x-amz-cf-id: Ll9hK6qidvhV78EQ4btXVLgDP7GBcCAffsm18SoinIoLrXzRWpHmPg==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
418 B 35ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hes-goals.tv&callback=_gfp_s_&client=ca-pub-7731356227310930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=hes-goals.tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

979b564456810f2a7c3f5f808bf473242eb85747580fdf53bf99856a4167be64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hes-goals.tv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC6A 76 B
391 B 231ms
225ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3025194257&lmt=1688575699&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708244&bpp=4&bdt=544&idt=294&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2868777199370&frm=20&pv=2&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:28 GMT
expires: Wed, 05 Jul 2023 16:48:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23E5 122 KB
40 KB 800ms
795ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84956bd6e1589e89b06898b6dcdc954ee9d6cd0066d53bab308e4fa797e633bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40105
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:29 GMT
expires: Wed, 05 Jul 2023 16:48:29 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9607 6 KB
3 KB 31ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:28 GMT
expires: Thu, 04 Jul 2024 16:48:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 123ms
122ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.39&b=2&r=hes-goals.tv_fluid_lb%2Bsq_fluid&sy=b88f5285-b368-4d2a-963f-2cdf781436ea&ts=78&cd=2&pud=312&pus=c&pue=427&pid=38&pis=c&pie=471&ppd=161&pps=a&ppe=594&pcl=195&ttc=777&tti=1041&ttif=0&lca=594&lcak=ppe&lct=594&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=hes-goals.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc&e=lm&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GZTVS3SE256M8E7S3AZNXWYY
date: Wed, 05 Jul 2023 16:48:28 GMT
cf-cache-status: HIT
age: 2584121
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e211882fb9f6916-FRA

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 246ms
35ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hes-goals.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://hes-goals.tv
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 05 Jul 2023 16:48:28 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 20e8b94cd15af0733c6000540d3a8042

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 9607 23 KB
9 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:23 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 9607 109 KB
38 KB 93ms
19ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
Origin: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 04:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 04:35:05 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9607 24 KB
7 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9607 179 KB
57 KB 96ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A4B8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hes-goals.tv&sn=ChromeSyncframe&so=0&topUrl=hes-goals.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=EQIEqnwxdzQrU1ZSV3hOU01FWkVWcEJ5bmRUWkF2S1prVEwvdC81cDgzMXFTV2E5cmpPNmdvYzJ6ZUx4cjNqVVZtamtBcU1hc1JFVnJXRnRtY0dubzhWeHM5TFJzWXEwVmVyS0o1UWZ2c3FTWmxvZ2N5OXVCYzYreEVqej...

425 B
653 B

105ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EQIEqnwxdzQrU1ZSV3hOU01FWkVWcEJ5bmRUWkF2S1prVEwvdC81cDgzMXFTV2E5cmpPNmdvYzJ6ZUx4cjNqVVZtamtBcU1hc1JFVnJXRnRtY0dubzhWeHM5TFJzWXEwVmVyS0o1UWZ2c3FTWmxvZ2N5OXVCYzYreEVqejZNWXZSRVJwYjBpRks4aWtFWjNVenFBKzlyZkdMTnloSmt2TVFuN1o0TDBOOVJGOFNETUlTWXlLdjM5RUI3eG5uRFRyVjNScDM1dDN4dGFOckpNNnFoNFNKMTNnaHgvN3ZSU21TR3A2dXFnVUZEVmxKQkVON1pDSUIwM0NzOGxVdzdJTDRBakUrNW9WNnJ5ei9kakNGeER2MzE1NWcrZz09fA&cppv=2

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dc8075a55cee5d7614df571fab514c2108024826f009287327a2bf9938a976a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1286986
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EQIEqnwxdzQrU1ZSV3hOU01FWkVWcEJ5bmRUWkF2S1prVEwvdC81cDgzMXFTV2E5cmpPNmdvYzJ6ZUx4cjNqVVZtamtBcU1hc1JFVnJXRnRtY0dubzhWeHM5TFJzWXEwVmVyS0o1UWZ2c3FTWmxvZ2N5OXVCYzYreEVqejZNWXZSRVJwYjBpRks4aWtFWjNVenFBKzlyZkdMTnloSmt2TVFuN1o0TDBOOVJGOFNETUlTWXlLdjM5RUI3eG5uRFRyVjNScDM1dDN4dGFOckpNNnFoNFNKMTNnaHgvN3ZSU21TR3A2dXFnVUZEVmxKQkVON1pDSUIwM0NzOGxVdzdJTDRBakUrNW9WNnJ5ei9kakNGeER2MzE1NWcrZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 242233
content-length: 0
expires: 0

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/326909/29905229/1685811822968/ Frame 353A 19 KB
5 KB 62ms
21ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a80ef3063448c00840e283e683dd30c9ce6dd3a2727acb807939161f69cc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4860
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 17:31:44 GMT
expires: Wed, 05 Jul 2023 17:31:44 GMT
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9607 0
29 B 58ms
57ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur7k1DUFkFKwW0GSInt-A38g_P_YC5OEJy2sTzt04n2vynTVL3T6g2MD0vSxS1IE328-0KKJzONGy4FJhbzSMYpuYE42Oj2T0u95UHH2ep51mU0jV3ia61Ixo0lgmpmJDY-GfKn7GPqtfYZpeDoOtnasbgX5tUu2QFvEj4X1KwxorVQ3KONdKPX0J2zGMrowkHve2W2U7Fes_zI7JvNiS0B9-B-faAZWFxI5o9jO_Yko_Cy9JwP-CYfzwgzUJMgsa7q1t8Agv9FstPaoKC41O5-ijbUzvDPVY7cab1kPwey28Wdt-0PdGbqaS06YeimFuzeC-WJtsfiHtLdkK-8PkxiHlVm0EKWwbza4CbOyQsP0RTbKph6s97YSXDpglSu23lI70puCk&sai=AMfl-YSamEtV84pIXqWcbvkalngPno6WFwUo5eoE4dhGIByBXjvHe0gj5Pvm2Qp5uub_3LCPJ3FeHEjE8Vb8gRvEp90kjd3rY8FPKPnB9IKPX9dieO40Wo2SC6GUyXDj8W83HAyhNH_rT-jqYdBHyL8&sig=Cg0ArKJSzDDoR11t9ilmEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H2 200 index.min.css
www.boomplaygames.com/bp-game/egg/css/ Frame A98B 4 KB
2 KB 25ms
25ms Stylesheet
text/css 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/afgegg?at=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 09:52:00 GMT
content-encoding: gzip
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 24988
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 1q35ifFh3xodp0aAHee2PxBh3ag9tFAgA9rVxEbIWdWeTaUF4oMLXQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A98B 138 KB
48 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a5cb9c599aeb2464d76dd343c31dabc25bd06497024a59de3abb576585e3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Origin: https://www.boomplaygames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48713
x-xss-protection: 0
server: cafe
etag: 6573653479486660394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9607 0
0 105ms
61ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFVo_Cdgtu3ZcpnVgmYE9p2ttPNNTSbgq1YK-skthHtdlZStmcE20mFTSwbVW9IVX3Mf_duYUh67ewA7OSYSQAy9R8M1r5g_D9BIkkvkQqmiEBX8iWQ5sv4ony-H7cqI5x03YuBqtUQXhV55zJuB_2Bnt9Lf0kbc78BOVEk4_elSWWUIv0VlyMy0LgoZzD9yDnFkspegORe_kTYLuMTX3nQ6Q_mhWToGOQXLl7R2zloydBPruXAnA7KsLzGiuaXlKIIczWYYuUMW1Lev7UjNgapf_FxGKJg8KjF4JYDxPB0zpVBVcjj50FHSPOWFv-JHDFB4bVk8nHmN99sPu182K1jdYtNQNOi2YS2HFZzJSgm6ifX10g_vwcbB1vJD8xrA3733YdXPVS4Q&sai=AMfl-YQh_loevxhRsteFt2l0v2Nd0Z08QsmCFkuhKv0qZ3gFihnfpv1AH66sfWPi4nUccwj9xy6bWKPj06ZjAzbvsN96re137GuwuE-G_CrX2dt133ul9Y2VnTQwb1eKHHjEzYS4bFcUoaDjDa0UQ0I&sig=Cg0ArKJSzF8mJ7CrKcBVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H3 200 bcdc39946861b91689eea548d19ea8da.js Show response
s0.2mdn.net/dfp/326909/29905229/1685811822968/ Frame 353A 106 KB
30 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/bcdc39946861b91689eea548d19ea8da.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8387b57a118935f8019c446fd39e34f5c72f0dd3ab3f56a090f4a42dba73fcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 17:31:44 GMT

GET
H2 200 bg.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 257 KB
258 KB 29ms
27ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/bg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 11:08:55 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 20373
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 263395
x-amz-cf-id: E_yz6eSGLlxjb9aulPPPlNYV1Qchkh52XYlrmaBap6eUJDSwlcpzmw==

GET
H2 200 icon_egg_close.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 44 KB
44 KB 109ms
107ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_close.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:10:02 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 34706
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44659
x-amz-cf-id: 9P3OnEvr7YNi5k-63xVGtGGZP8_q309F7QS0jp_HLAFzciibOU0aUA==

GET
H2 200 hand.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 26 KB
26 KB 115ms
112ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/hand.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:57:50 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 21038
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26692
x-amz-cf-id: UGd0kXGFBerdOlXjTDGhBhx3dioEKQYXKfMQoBsPd5MtkTJD0IWy_A==

GET
H2 200 icon_egg_head.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 18 KB
18 KB 119ms
117ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_egg_head.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:57:50 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 21038
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18136
x-amz-cf-id: m_QYcdxu5a2enVPXvEEzh68R_s9vhFjwIDHVtjlfJGlSGLBDo8Jc5Q==

GET
H2 200 pic_light_1.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 58 KB
58 KB 123ms
121ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/pic_light_1.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:17:13 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 37875
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 59063
x-amz-cf-id: _b_uxIqSXqYvt_91SA8dtNvYwkBrE3d263KCeFVw4SU26XYP8VNcpA==

GET
H2 200 iPhone.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 14 KB
14 KB 125ms
123ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/iPhone.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:10:02 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 34706
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14456
x-amz-cf-id: yW8hlfW6jv0r8Gd6L9Tpmw4Lgss5jTbtopuSway3pbv0vA7YR1pO0A==

GET
H2 200 icon_open_egg.png
www.boomplaygames.com/bp-game/egg/img/ Frame A98B 44 KB
44 KB 126ms
125ms Image
image/png 108.138.36.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.boomplaygames.com/bp-game/egg/img/icon_open_egg.png
Requested by: Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-43.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/bp-game/egg/css/index.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:20:07 GMT
via: 1.1 902186b72e1ae6ba0d22c4a6abfcf004.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 02:15:52 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 23301
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44922
x-amz-cf-id: efSogiog6FOMjrMeVBs9dMEmrKwpd2Gvy-jyAU1LpyGnXpLu8lKM7A==

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ 88 KB
30 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3371ba6cd8c41da32f0c4a26906282126e1229b336f9516295b722c11c80fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30960
x-xss-protection: 0
server: cafe
etag: 11476688683232815015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ Frame A98B 344 KB
118 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7731356227310930&plah=www.boomplaygames.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d07b247a5737c7c856df82bfcec6691d22ab84c4983b6c98a33ed192f3f95a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121165
x-xss-protection: 0
server: cafe
etag: 3009524717558604545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 353A 4 KB
1014 B 89ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/bcdc39946861b91689eea548d19ea8da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e99b649854621c01ca000e9b0c3f5e2115592a4f73b33395fac5b7c648e29820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:37:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H3 200 db095612a5d588272204f455bc9f8568.svg
s0.2mdn.net/dfp/326909/29905229/1685811822968/media/ Frame 353A 7 KB
3 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/media/db095612a5d588272204f455bc9f8568.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5935bd4c9f228a9ab62c6ef3684fb301a4386e19ffc4323cffdc9eed11035b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3123
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 17:08:30 GMT

GET
H3 206 a4047e80b11fdf693b1c920b205adc03.mp4
s0.2mdn.net/dfp/326909/29905229/1685811822968/media/ Frame 353A 43 KB
43 KB 28ms
28ms Media
video/mp4 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/media/a4047e80b11fdf693b1c920b205adc03.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e12bf7b8cffd82257eae0499a2f1d89c500c2342fc09b9d8e950edc63bb8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-44426/44427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 44427
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 16:48:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ Frame 353A 30 KB
31 KB 74ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:34:34 GMT
x-content-type-options: nosniff
age: 335635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 19:34:34 GMT

GET
H2 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v19/ Frame 353A 15 KB
15 KB 96ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:44:12 GMT
x-content-type-options: nosniff
age: 335057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 19:44:12 GMT

GET
H2 200 wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame 353A 18 KB
19 KB 100ms
51ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:29:09 GMT
x-content-type-options: nosniff
age: 335960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18852
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:09:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 19:29:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=1&tms=200&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A98B 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0479 76 B
86 B 251ms
251ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&adk=1812271804&adf=3279755401&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709020&bpp=5&bdt=162&idt=193&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&nras=1&correlator=32668278212&frm=24&ife=1&pv=2&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.awfsur8mqf2l&fsb=1&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hes-goals.tv_auto_interstitial_desktop&e=nai&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GZTVS3SE256M8E7S3AZNXWYY
date: Wed, 05 Jul 2023 16:48:29 GMT
cf-cache-status: HIT
age: 2584122
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e21188809a86916-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hes-goals.tv

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 163 KB
48 KB 423ms
422ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2371316093786648&correlator=454879145692995&eid=31075788%2C31075029&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C354a254b-55f0-4313-bf27-5bf7c1bb443b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=3733003177&didk=3884244304&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D78&eri=1&sc=1&cookie=ID%3Df688b5ba705df737%3AT%3D1688575708%3ART%3D1688575708%3AS%3DALNI_MYHDYp6hWbBV2xXQ8mYovcNDMqwWA&gpic=UID%3D00000c3733671c39%3AT%3D1688575708%3ART%3D1688575708%3AS%3DALNI_MawkSvU7ZD5Jj1WeDwz1tR06iliJQ&abxe=1&dt=1688575709443&lmt=1688575699&dlt=1688575707700&idt=597&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhes-goals.tv%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfAI8VmqKL9i8ovApvRX0J9QOZvWDsgUA6sHNz1maXI5FUR-sUW5Y2fegHPmkefqUQW1fX7FAfxsbHk9QXC7XsOZ&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqJnSt5IxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiomdK3kjFIAFICCGQSGQoKcHViY2lkLm9yZxiVmtK3kjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YqJnSt5IxSABSAghkEsIBCghydGJob3VzZRKsATRmL3VWR3loMUlaSkZtNk1DYjRTaVA5Zm9raW5ZZDlTdjZSSG90QkJrS1g2QjVUaVMzcFNIT1Q0dm1VcmR6NHl5aWZPZVlUMVVPZy9oV1FlYTg4eHg4UHJsaHVHczBhWHpVOCtVcUhBMWFFR2hwTTFIK1oyaVFhaGNTYkg4bVE5SS8zMU1mOU1Kb3JnK2FmYkZHa1dPSHp5NFZkMktJQ1dWcE1STUVDZVdYQT0YuZzSt5IxSAASGQoKdWlkYXBpLmNvbRiomdK3kjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIGc0reSMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7738e3b4ced86866bc4b9745aa9375eb3c2da2a93dfc7e7a52ab41a50da4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hes-goals.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 23E5 2 KB
973 B 24ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 23E5 0
0 71ms
66ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHuWh3J6lZJHLLayJ5LcP8N-hqATmj96DafmT4dHvDZSUjqD_ChABIJOY4HdglYKAgMgHoAHSn_DbA8gBCakCNsTwkR9Hsj6oAwHIA8sEqgTIAU_QfJcpb4bjlbUnY43uWDpACew5PvuSM-nvTJ1-twQHDDwlAnQWUQi49bkNvzRGAIOwpgdXNVTGck1BTn65w7k8uDJ_XxeTX7ltaN4A1AbYrOzp3eF9ykOAidwdl5sBc28jE0T1TReGDXMppmRRiPYNTkv3qXYSXIVnEFJTUBfRXGpfb7Oqyz2C8rtcMZBlhAR8B_4dQPmzRhReu8W51rJwMWR1MbRZMVdObmmYQ_pJ7dPDYsbbAm2M01rEgruR8vQSQiFl_fYNwASwzYvjqgGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDhxgXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQD0BUBmBYBgBcBshccChoIABIUcHViLTc3MzEzNTYyMjczMTA5MzAYAA&sigh=Oe4_fZbLezY&uach_m=[UACH]&cid=CAQSKQBygQiDY-R32l5DjfqmjoiEm2jR6jJTyKEzXzpzzYwcVyppnjZlQyPAGAE&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 23E5 23 KB
9 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 23E5 3 KB
1 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 07:48:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C673 1 KB
643 B 23ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Wed, 05 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 23E5 20 KB
8 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 23E5 0
0 81ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeo8JcpUfroM9nKna3Rzkk7K5N-6qegY7GLuHYOtm7EH7kkrYHeyJcF3V-9dkm6vMN6MgHIZDBRPT96E12ESj7JYz4DQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23E5 179 KB
56 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 23E5 33 KB
14 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:45:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 17:33:42 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 23E5 32 KB
33 KB 81ms
19ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2W1PV_LRitgwM7CjcdYV6AITaRb-gFMVetyJE9diDXmSBH-JTsNoO3Sy4T1I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecc6ccff0a918981f75bc00d318fb0f30a422c2d48d63fa6e0dc0f123d91a33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:22:09 GMT
x-content-type-options: nosniff
age: 296780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32900
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 08:15:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 01 Jul 2024 06:22:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 23E5 36 KB
36 KB 112ms
51ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQtfG-qSgOxREGYBxCtrWzNLHnSoU-ZPs-QEz8xwDRYmsmOQWM8d8DAU5Ipy5I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7ead8acc98b6a7af25bbfe2a100d23bcabfc6cc32a04f8ad733ddd149020445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 09:56:02 GMT
x-content-type-options: nosniff
age: 370347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36951
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 10:21:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 30 Jun 2024 09:56:02 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 23E5 34 KB
35 KB 86ms
21ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRJ7EhSL9fwD3pSnCUcUDlItEi7mP_ctSjgO31BNDBFyWNzTaefLh5K-vlI_A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6996455ef875c8e74b317f198c28048626813d28ca154244cd9e86134fcd22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 18:23:36 GMT
x-content-type-options: nosniff
age: 599093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34920
x-xss-protection: 0
last-modified: Sun, 22 Jan 2023 12:06:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 27 Jun 2024 18:23:36 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 23E5 33 KB
33 KB 100ms
39ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTnRW9oczsFaWCMgPlapYkGENLo-fq0xmcdgawtNTa4G779AvWo07WUazvr6Ac&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5ad4f7fe1de2ea12066252dfc254958ce71d33f1abec36e537928e6f56deae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:38:12 GMT
x-content-type-options: nosniff
age: 385817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33543
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 09:47:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 30 Jun 2024 05:38:12 GMT

GET
H2

200

4339031254341182387
tpc.googlesyndication.com/simgad/ Frame 23E5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbhv_nVhCkBhjJATIIT-U8H3K8tRU
https://tpc.googlesyndication.com/simgad/4339031254341182387

26 KB
26 KB

19ms
19ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4339031254341182387

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99bc745cc2417fc3b9fa7813042d516d77385fdbf5e95ef870f2c1afcec9b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:15:59 GMT
x-content-type-options: nosniff
age: 304350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26440
x-xss-protection: 0
last-modified: Fri, 17 May 2019 07:40:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jul 2024 04:15:59 GMT

Redirect headers

date: Tue, 04 Jul 2023 19:04:15 GMT
x-content-type-options: nosniff
server: cafe
age: 78254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4339031254341182387
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Aug 2023 19:04:15 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 23E5 20 KB
20 KB 22ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 346067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 16:40:42 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ Frame A98B 88 KB
30 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7731356227310930

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f1fb3a353b36584814bd6f0b8915e5f8a7cd6c32b4dd19579ac0f577e2ff05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30960
x-xss-protection: 0
server: cafe
etag: 14649259567794109778
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C673
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1&google_push=AaAOQGGiFSAUeyCLaoDs58gaPs_rk-Pq22D_rpJn_xLdCfc_yQ8HkrNPwtsxDReESLCI5TBwSTAE17ccqIKBnQb-41dtkWXthIGWrfY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

43 B
398 B

80ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C673 35 B
465 B 82ms
23ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUvAYEYJCdErxNojCtKZVU&google_cver=1&google_push=AaAOQGHRF3jcNxbg3lAm2ZngKgdwVZ4FExhphH8ZcPcNPwR_qkGj6ZexGz1DV2KQD740tVDUP0ZQVlL5DqDhTpCdkvhpV2pOK4-K-w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C673
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnw...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuId...

43 B
441 B

208ms
191ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e21188a7d199268-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 321
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHx9vrmyfvzGcuFI-EHJPOGR3P58No957j7E10AerxmrQ7t1fNVby_JoPjOJ-H1yOwQzLHSYAFXxJVWDtSAFEean6hnuIdnwzs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e211888ea1e9268-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C673
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEA9sYG92Ssskyy4UwnjDlXQ&google_cver=1&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yTUDt5x05Tfnch8sA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yT...

170 B
243 B

33ms
32ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yTUDt5x05Tfnch8sA

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Jul 2023 16:48:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGHSHclYhultpCKYDVAJHJZtDTfepqR82DkS8qMOOLaO0eG8PA4GxE_ss9H13uddhFFILlRZwLQqW3e62yTUDt5x05Tfnch8sA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jul 2023 16:48:29 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C673 70 B
265 B 145ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED3jVifmqDdKx1iEHgMuxzk&google_cver=1&google_push=AaAOQGGK5RQDtqukwmHDhvA6xpA7-9COLvavmvWv4r7IEb7rJWeD46tStJ5CjPYHKUP05b7mQ9vFlYRZJteyB7FHha-VQb85XOq_AQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=280&slotname=4370586668&adk=2813343204&adf=1668082725&pi=t.ma~as.4370586668&w=933&fwrn=4&fwrnh=100&lmt=1688575699&rafmt=1&format=933x280&url=https%3A%2F%2Fhes-goals.tv%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575708496&bpp=3&bdt=797&idt=66&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2868777199370&frm=20&pv=1&ga_vid=37944306.1688575708&ga_sid=1688575708&ga_hid=367701350&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=501&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31075644%2C31075757%2C31075811%2C44788441&oid=2&pvsid=2371316093786648&tmod=319273603&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=MSBsji8SsW&p=https%3A//hes-goals.tv&dtd=72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C673
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0Lhy9BM8BFry1UOsoStwX8o0AAvuiwP7SVA-gw&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

27ms
26ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 131405
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C673
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGk...

170 B
188 B

29ms
29ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4v73R9b2vpykhmWxWgJD2Bt0

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFdYmwf3UEtwWqiQEYQp5oH1EUYAk-Ht__koPtVmblpvuVBLobKaDHLfM9lXsncoNXkGZiNGkN4v73R9b2vpykhmWxWgJD2Bt0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C673 0
130 B 95ms
32ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLfNV8g9pNxbAy51vK_ab_13YIuo5trtACKk5Hob9-U57W46j6fQCqtcjppmy-QLeHmiV9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame ADCD 35 B
600 B 88ms
88ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 16:48:36 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: tgMtNmHAq6jrizSgdjvyrTqhHreW8VO0y7Bm47ZozoRtvAQsPG-9Jw==

POST
H2 200 mediation_batchUploadLogs Show response
mediation.magnetssp.com/json/ Frame ADCD 35 B
602 B 89ms
89ms XHR
application/json 108.138.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediation.magnetssp.com/json/mediation_batchUploadLogs
Requested by: Host: mediation.magnetssp.com
URL: https://mediation.magnetssp.com/dist/bpads/js/page-XCXWEUPF.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-75.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142

Request headers

Referer: https://mediation.magnetssp.com/bpads/page?id=1a00190d4d0d800&slot=1c00790d4e4a400&adsid=C0DO0r5ZBeStGx-kxwBT&sdkVersion=v1.0.0&page_url=hes-goals.tv%2F&w=933.328125&h=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://mediation.magnetssp.com
access-control-allow-credentials: true
access-control-allow-headers: ,sentry-trace,x-requested-with,*
x-amz-cf-id: DcDoHflxLgZ0ddx7nPH1cxz0dTm-Xdu6DFXaBO7q9WyuemMnyKAY0Q==

GET
DATA 200
OK truncated
/ Frame 23E5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43cccd4816bb99c9b539492e30d6a18a24702fea9b763c91b3cf91d403f10c93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 70C5 38 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&onReady=true&event=adcf_cl&client=ca-pub-7731356227310930&bow_v=r20230627&js_v=m202306260101&fetcher=adsense&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&event=api_ld&time=592&time_pr=1688575709613&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=1&tms=200&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A98B 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.boomplaygames.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA8A 162 KB
48 KB 1369ms
1368ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b186db623b650dc488d5c1ac1bb3bd231eeb3450ef21bd2ff5287cda1201acb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 49344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:30 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=4&tms=200&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 957A 97 KB
22 KB 460ms
458ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378849&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709624&bpp=1&bdt=766&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gevd64ghekcm&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

692b46845c725581162b874de07dd36f32a92e1c77f44e83a51dc5fe66c1e1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 22924
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:30 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame A98B 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 674E 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:28 GMT
expires: Thu, 04 Jul 2024 16:48:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 113ms
113ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=4.96&b=2&r=hes-goals.tv_auto_interstitial_desktop&sy=b88f5285-b368-4d2a-963f-2cdf781436ea&ts=78&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=hes-goals.tv&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc&e=lm&dsReferer=aGVzLWdvYWxzLnR2Lw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.2.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GZTVS3SE256M8E7S3AZNXWYY
date: Wed, 05 Jul 2023 16:48:30 GMT
cf-cache-status: HIT
age: 2584123
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "847d6f45a54b1a346481710a0a6f4147-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7e21188afd9c6916-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 674E 4 KB
745 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 15:56:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 549D 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 15:47:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 549D 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 549D 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F56 143 B
166 B 21ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 15:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 549D 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 07:48:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9811 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Wed, 05 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 549D 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:50:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 549D 179 KB
56 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:29 GMT

GET
H2 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame 549D 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:45:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 17:33:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 674E 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:00:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 674E 205 B
520 B 20ms
18ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:46:51 GMT
x-content-type-options: nosniff
age: 36098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 06:46:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 674E 604 B
697 B 20ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:54:59 GMT
x-content-type-options: nosniff
age: 35610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 06:54:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1F56
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:30 GMT
expires: Wed, 05 Jul 2023 16:48:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9607 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQySmVEFQyaYV1reo1WzsqEgVf9iIV4l0t8VL1RuDBp-gtHJ52TV6Uv7a408bf7Mp__ouLxfHu9rVTFHnXcYojAdttLIeVeKdE7gxDR_R-CFv0eMdj&sig=Cg0ArKJSzEtT6Eb6dX8WEAE&id=lidar2&mcvt=1009&p=103,307,383,1331&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3769805009&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688575708622&rpt=309&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9811
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMsZW-5oq8Q13Y7XpKms7B8&google_cver=1&google_push=AaAOQGE4TES6zYKfVBpyIz5-WEA8mhKH7bSmkDyDCvxKQTNPO7NCTHjbLu6gsSMpnP1SRKuyIaWK9CQc9DTLDVVugFv4zr6jTZyhcw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

43 B
398 B

26ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
Requested by: Host: hes-goals.tv
URL: https://hes-goals.tv/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9811 70 B
264 B 46ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMYb_bjTheOax32p-BUnZuU&google_cver=1&google_push=AaAOQGEahREgN4CyRSOPIXBfTV0ndj-T9DcHB2v_owTY4DV9xjl2vRc1Bcbx1_MNomd74_CxjMDrKXBC5Pfu3q5iKBbW8nyzF6EP
Requested by: Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9811 0
187 B 163ms
24ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEB8jvJ-bDrzon9AkLynY8MQ&google_cver=1&google_push=AaAOQGEmN0UAk8iUYX77xKFyvRG5rCQSAS-qMJlp8Cpm6882TqZegdSZ9chZmioYhxU-HWYnEsZVrCg12ReSQp1BRP9n5fJz99yG_w
Requested by: Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9811 0
173 B 77ms
28ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPcPMC_TfNRZgW8jIAdFQ3s&google_cver=1&google_push=AaAOQGHhlbgwqbIPxs4VR8JDP48ZrNrjKD-xccfeRT6Ap3ATmOpngoVclx96Wk7by85fCyFN444uZs6rHKXC9fFYd9oHO-K0ES3GcQ
Requested by: Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9811
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPgy-U7tniYPIyWUOQdZbKY&google_cver=1&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1pyBMliqyCx7ZRwhRLTw

170 B
188 B

30ms
29ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1pyBMliqyCx7ZRwhRLTw

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEUPKwcAXwqehGi32xJc7ihqcH4feyubaHmmCfuGk8hd0tw0T74IMM8aiO0mR0VSJA881V13JNTdq1pyBMliqyCx7ZRwhRLTw
Date: Wed, 05 Jul 2023 16:48:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9811
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHmGiPN-cI2pKOHFBk1omP4&google_cver=1&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3H...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHmGiPN-cI2pKOHFBk1omP4&google_cver=1&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGEGn6weDx-Z_QQk-2_F8rEgcfloX-O0G6XyYGi47nOAESGsnJec27dBvX9JcOZT0RWDex_u7wXnGUzfazCzv23Ls3HH2O-iHQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9811
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESED26xp0xuBoBZFmS4fy2wWo&google_cver=1&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYi...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESED26xp0xuBoBZFmS4fy2wWo&google_cver=1&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVah...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Jvrm7sM3RxKb1b6gh4pNJg&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVa...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Jvrm7sM3RxKb1b6gh4pNJg&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYiO9wNJHzg

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Jvrm7sM3RxKb1b6gh4pNJg&google_push=AaAOQGGGr9ZTYd5CAVeZfEv5aXvsyQ0FjmICvACgzVZizwYo21rpSnNf9MTG9I0BPjI-xG71peBxbkcV8lTuAVahF8IhYiO9wNJHzg
access-control-allow-origin: *
date: Wed, 05 Jul 2023 16:48:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9811 0
12 B 32ms
31ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IaxxANORpBa6Ov4yK4E2BVAu6Hp-9krpW3hW3L9dYyKYG57Tocg5DGSYmgrm2lXst9dv4D

Requested by

Host: 446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
URL: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 082F 38 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 957A 2 KB
570 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378849&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709624&bpp=1&bdt=766&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gevd64ghekcm&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 15:25:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:30 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 957A 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:00:42 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 957A 18 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

980f0ef5cc8a1dd223ce90e7c93ecc6108d5d7c1fbf6a619e297ee635b908d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7487
x-xss-protection: 0
server: cafe
etag: 14264408787527141045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:16:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5ABA 8 KB
750 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 14:55:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 5ABA 15 KB
3 KB 86ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jul 2024 06:41:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 5ABA 371 KB
127 KB 87ms
20ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 06:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jul 2024 06:41:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5ABA 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5ABA 0
0 27ms
26ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-9FZLUSiyLsqZ3Dff7S9l-oLNNNmjY9qN0IpMCGydztXYkaUC1HRr4ht5_YYaGg5fL-iWyrmpOqyDf7xu-UAIFhzjIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=1300378849&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709624&bpp=1&bdt=766&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0%2C1600x1200&nras=3&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.gevd64ghekcm&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 5ABA 0
234 B 181ms
27ms Ping
image/gif 2a00:1450:4013:c1a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljpydor8&c=8782262033701&slotId=4391131016850.5&qqid=CIHR69qC-P8CFQXDWwodKkwGSw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ABA 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CiJ2h3Z6lZMHuLIWG7wKqmJnYBMme0rFcvemV93DAjbcBEAEgAGCVgoCAyAeCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCNsTwkR9Hsj6oAwHIAwKqBMUBT9BPu7k-MXXXTFLP_qOHY2USNFlRM4g0t_VunCY6Hg9t-7W3k2WDi6qBjzLLKu4qhtQsiNB2Oiskqm8j6J0oDGOQ2rUMCfyVKNkJJ_12qK8BKuHALOAjRs1DfPzcPoJYombc4Cx5szqvtM7PIL-jtfU7J8Oy8-Pzwu9sFWA_7qTBRXkaul9iQNE5wI-YymbO-gB0IQfYt93NVHWKXJkaUoZyScqPKktC-MGe0AcUXyBIEcV3812uewtGavtnkszPI8d8TfyABti0qNT0kc7MNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1688575710365&ai=CiJ2h3Z6lZMHuLIWG7wKqmJnYBMme0rFcvemV93DAjbcBEAEgAGCVgoCAyAeCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCNsTwkR9Hsj6oAwHIAwKqBMUBT9BPu7k-MXXXTFLP_qOHY2USNFlRM4g0t_VunCY6Hg9t-7W3k2WDi6qBjzLLKu4qhtQsiNB2Oiskqm8j6J0oDGOQ2rUMCfyVKNkJJ_12qK8BKuHALOAjRs1DfPzcPoJYombc4Cx5szqvtM7PIL-jtfU7J8Oy8-Pzwu9sFWA_7qTBRXkaul9iQNE5wI-YymbO-gB0IQfYt93NVHWKXJkaUoZyScqPKktC-MGe0AcUXyBIEcV3812uewtGavtnkszPI8d8TfyABti0qNT0kc7MNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5ABA 0
54 B 172ms
28ms Ping
image/gif 2a00:1450:4013:c1a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljpydori&c=8782262033701&slotId=4391131016850.5&qqid=CIHR69qC-P8CFQXDWwodKkwGSw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.kn&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.php Show response
ads.eu.criteo.com/delivery/r/0.1/ Frame 5ABA 12 KB
7 KB 184ms
42ms XHR
text/xml 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZKWe3QALN0EKW8MFAAZMKoy8a4KKKGDPrm-sfA&u=%7C1VV7slZ5497KOajCKi2CKh3Eq93AAMoWP1YPvQ6SatA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5jSfwMInGQwVgkAr581akMSiH_fr7BMm_BzTo8qWaUW82kg8KaPIh8iZiovSinZIkslAIoPwFIl1MzMPoq4o8pwHC4lj9kzW-LAaGKv_L5yOMSjm9urzy-ZoHfoe0OJwoi-wCcA7KJVw0_asUUHkK4E8KsbEBblQYrQXCYIzx1RqjobY7yatW9NeOpKrxltSVnvfyHjL76EMtY3DNLFdAFl61pBWU1rKiu8bOsDjb6FEdgbF3FneSOzOqCg__u50WA_tfXNwTLqgb65Bcby_BdBOZ3cKJocTA_zjWamoZYTUfBPIexHsYDZdidYKoe1YECsZCAhiqcUGjXJtzEZBc4xgIz44UhuikXypOXuBlVzpkxwPHdmCRTqQEBJ5Vn8216FLvB1htkwxcm51L3kAOLCTzihI738eJXik62X85_C2U8S9ElRTu2XcBFes7KRbVLiZXjcMoMRAcpMKK5dVS7Oxc_L0--CaP-my5u7F65f1H30ordkq8doqJGE-6Yc2DVOue-xxWdhBkxezUu39ln97mMsnHXcSmnNsBoBs2tY0PrUCP_jZlgyttMkxMIBvkRPmCymmdX_zet9Ir22W2XlTp6GRBmUceQ&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiJ2h3Z6lZMHuLIWG7wKqmJnYBMme0rFcvemV93DAjbcBEAEgAGCVgoCAyAeCARdjYS1wdWItNzczMTM1NjIyNzMxMDkzMMgBBakCNsTwkR9Hsj6oAwHIAwKqBMUBT9BPu7k-MXXXTFLP_qOHY2USNFlRM4g0t_VunCY6Hg9t-7W3k2WDi6qBjzLLKu4qhtQsiNB2Oiskqm8j6J0oDGOQ2rUMCfyVKNkJJ_12qK8BKuHALOAjRs1DfPzcPoJYombc4Cx5szqvtM7PIL-jtfU7J8Oy8-Pzwu9sFWA_7qTBRXkaul9iQNE5wI-YymbO-gB0IQfYt93NVHWKXJkaUoZyScqPKktC-MGe0AcUXyBIEcV3812uewtGavtnkszPI8d8TfyABti0qNT0kc7MNKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0YfMzZIBKzexlGwLSVcYUTG-obcg%26client%3Dca-pub-7731356227310930%26adurl%3D

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

514462b829dd90b56ff75956be1db4427c0008312b048ab3a305aedee432b559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3127209
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0E3C 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Wed, 05 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=769&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230627&js_v=m202306260101&fetcher=adsense&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame A98B 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E3C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEA9sYG92Ssskyy4UwnjDlXQ&google_cver=1&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ3mL1uPRj3RWtCFJ...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ...

170 B
188 B

31ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ3mL1uPRj3RWtCFJ_wInUPHLXqxOaLNBpJ9-8RIzfoJaxv_e5pwGHJvPJ5LMsa0pwKvBaVVy4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Jul 2023 16:48:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=121054A96B134A3D81927EF1AB81355B&google_push=AaAOQGGBgGeI67oOlpVmR00o5kkIHxII63NYUkB3m2L3dbaZ0mOcJk__e8Lucvc8EnDk6Je-b0tnTFuVCr4FyNJ3mL1uPRj3RWtCFJ_wInUPHLXqxOaLNBpJ9-8RIzfoJaxv_e5pwGHJvPJ5LMsa0pwKvBaVVy4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 04 Jul 2023 16:48:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0E3C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHsx6QbPEzTpbD-4JUKnIXE&google_cver=1&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFG...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHsx6QbPEzTpbD-4JUKnIXE&google_cver=1&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkND...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=42b6ddd7-f111-4590-a488-df8693f819cb&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bb...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bbwG1VIlZTQmKoa6qIcnKwo_Utk&google_hm=KRPZSQEKSoKGTkXF7voQxA==

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGM-sx4dHTHdmedNkPhWUrhSfvuzQ8d2Afg34iKIYw6r08OS5W-Ykip9ZrgbCMI6EgnVIo_JUMxclmkNDlkVwFGmN_WNiLcuOv76OyVqHNsue9uGBL7_OV4nG0gFKY3bbwG1VIlZTQmKoa6qIcnKwo_Utk&google_hm=KRPZSQEKSoKGTkXF7voQxA==
date: Wed, 05 Jul 2023 16:48:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0E3C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0Lhy9BM8BFry1UOsoStwX8o0AAvuiwP7SVA-gw&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

27ms
27ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 149169
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0E3C 0
12 B 31ms
31ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J73dE1DQEXFoew_xUUqBmz0FNtdf0aDL8ms6SJaEiJFw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 5ABA 0
45 B 27ms
26ms Ping
image/gif 2a00:1450:4013:c1a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljpydort&c=8782262033701&slotId=4391131016850.5&qqid=CIHR69qC-P8CFQXDWwodKkwGSw&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5ABA 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Jun 2024 16:48:30 GMT

GET
H2 206 c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4
static.criteo.net/design/dt/48044/4775507/ Frame 5ABA 47 KB
0 47ms
45ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/48044/4775507/c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Jun 2023 08:55:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64819782-24c17a"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2408825/2408826
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2408826
expires: Sat, 29 Jun 2024 16:48:30 GMT

GET
H2 206 c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4
static.criteo.net/design/dt/48044/4775507/ Frame 5ABA 16 KB
17 KB 90ms
90ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/48044/4775507/c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

23de17aeb7ee137d285a2cacba75f32d415fc30b480707edca2c00d7d993b18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=2392064-

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Jun 2023 08:55:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64819782-24c17a"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 2392064-2408825/2408826
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 16762
expires: Sat, 29 Jun 2024 16:48:30 GMT

GET
H2 206 c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4
static.criteo.net/design/dt/48044/4775507/ Frame 5ABA 2 MB
2 MB 35ms
35ms Media
video/mp4 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/48044/4775507/c9a566573dac44cf9270ad5b8db9b784_summer-sale-70-unisex_1920x1080.mp4

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0364a2a3a2e3b6abcee9f28a49f6c4d07ee728277f97a872f6e8c30ae8c0808b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=32768-

Response headers

date: Wed, 05 Jul 2023 16:48:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Jun 2023 08:55:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64819782-24c17a"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-2408825/2408826
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2376058
expires: Sat, 29 Jun 2024 16:48:30 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame AA8A 4 KB
671 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 15:30:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 16:48:31 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA8A 205 B
229 B 22ms
21ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:46:51 GMT
x-content-type-options: nosniff
age: 36100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 06:46:51 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AA8A 604 B
628 B 20ms
19ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:54:59 GMT
x-content-type-options: nosniff
age: 35612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 06:54:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame AA8A 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8602
x-xss-protection: 0
server: cafe
etag: 5099012690780875661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:00:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B58F 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame B58F 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 18:04:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 742B 143 B
166 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 15:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B58F 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 07:48:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF4A 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 16:52:36 GMT
etag: 48472445140208031
expires: Wed, 05 Jul 2023 16:52:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B58F 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B58F 0
0 27ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyZawXO1SVsN4D-qhqwkaUhxT2p8Pv45Tpik4d-6WW4W4IfjDZNiLtjTR0FLhameZ1IlzBg1PiXliYzklhlQCzZkp7XA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B58F 179 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:48:31 GMT

GET
H3 200 77005c67fa3fd636ca667830ce382e45.js Show response
www.gstatic.com/mysidia/ Frame B58F 33 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 17:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 18:45:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 17:33:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 742B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:31 GMT
expires: Wed, 05 Jul 2023 16:48:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EF4A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1&google_push=AaAOQGERsY7fZ6F4OxdCUs53yN0YhX4Bt3xB7Vze3SSDz9GQDq36eZuxhE6uEr3OhwYXn0u84HQNIw4LfHH0WDFpfNS_0naC1iGptVU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI1NTg1Mjk5MDQzMzIxNDA5Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1

43 B
398 B

26ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKs4S5235c3XjmIwLOj_4aE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJUvAYEYJCdErxNojCtKZVU&google_cver=1&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_g...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_gaLnCYJHZRrt2Q2wt-lpXUjysa4MiTGQ_3FvS2rhR2ZFqg&google_hm=evBQJeR2G...

170 B
188 B

31ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_gaLnCYJHZRrt2Q2wt-lpXUjysa4MiTGQ_3FvS2rhR2ZFqg&google_hm=evBQJeR2Gq4jqGABMOUxgw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGEkSEOA1ERy9wC8fDOwjd-ggpYVzY548wFWI-cxGR8t6PFYkmsH_gaLnCYJHZRrt2Q2wt-lpXUjysa4MiTGQ_3FvS2rhR2ZFqg&google_hm=evBQJeR2Gq4jqGABMOUxgw
date: Wed, 05 Jul 2023 16:48:31 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET
H2 200 i.match
a.tribalfusion.com/ Frame EF4A 43 B
422 B 232ms
226ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEJWleZH12akrmlmVPZ5moz4&google_cver=1&google_push=AaAOQGHL_ijf_s11uNqB4toZxCKKOwMFIXIE3sjaUCwiAY0LaUvHa7Wc1uVlWv_3l80LYA9alqGY1pPdc1Z4bRC9HUusvcWTQ42IQKA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHL_ijf_s11uNqB4toZxCKKOwMFIXIE3sjaUCwiAY0LaUvHa7Wc1uVlWv_3l80LYA9alqGY1pPdc1Z4bRC9HUusvcWTQ42IQKA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e2118925e9e9268-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EF4A 70 B
264 B 51ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED3jVifmqDdKx1iEHgMuxzk&google_cver=1&google_push=AaAOQGHpjZeNKQdBEp8XaB3_5XELtp8KmQXARcQAljjk5tEe90Al4YH9sUvuS1JbpBcP6LhxlCiQftaPFi2Tw1jjZjy96wLYlk4YOIg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbE63pjkrZO0bPxan1nv94&google_cver=1&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZgbP...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZg...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZgbPnE0-3lYtVJew3cHSZYBv2ZU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ2MzUzMjQ3MTE1MjM1NDY2Ng&google_push=AaAOQGFkv4DtK0arnJZc5qpVNyK6ZajhOrLbypzoiS7q8Q1fks3CHDQiO6DnamnNMwYDdlSKp5okZgbPnE0-3lYtVJew3cHSZYBv2ZU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPFRIMj-E8UnM9E9KFhbwF0&google_cver=1&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8Hb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8HbonwUn_p0-1xzOlZi9NU

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8HbonwUn_p0-1xzOlZi9NU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH5oX1An25OCuTxvnAIAlK4rPgu6EcXaz_is2wJoUZsNp4KnykuVQDUFllC2P6xHYNt6cMv-PTDg8HbonwUn_p0-1xzOlZi9NU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EF4A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEILu8MvIPeinTQsuy_LIyNc&google_cver=1&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EU...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EUd17u88X9qU8fvFnwb4sj98OF2YJ7a0Ak4W09at&google_hm...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EUd17u88X9qU8fvFnwb4sj98OF2YJ7a0Ak4W09at&google_hm=Wks9XHsbQF-B_2iVI88EgRs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGEbq0tjd1TiGsFWtoqg7BjPoNidQADtnLbo_7NhdPcJMvlK2qO3-WUQRby-EUd17u88X9qU8fvFnwb4sj98OF2YJ7a0Ak4W09at&google_hm=Wks9XHsbQF-B_2iVI88EgRs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EF4A 0
12 B 30ms
27ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU-rbK8TltvUrw2cPmTY8rxbIQwxk7RqXoc2mkF1IVY_KqCctRXpIINTXeoKI7PqbhAS1enQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=1512&event=prf_suc&client=ca-pub-7731356227310930&bow_v=r20230627&js_v=m202306260101&fetcher=adsense&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A98B 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=start&name=bp-game-afg-egg&frequency_cap=30&last_intr=1688575711129&event=adbr_cl&client=ca-pub-7731356227310930&bow_v=r20230627&js_v=m202306260101&fetcher=adsense&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724

Requested by

Host: www.boomplaygames.com
URL: https://www.boomplaygames.com/afgegg?at=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AA8A 15 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 344656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:04:15 GMT

GET
DATA 200
OK truncated
/ Frame B58F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83f0ab6013485bf0bc5b7dd069ee648de9311fa6a6b86a34b96a7c4ffbd42479

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B58F 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 77954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 19:09:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B58F 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI3is3Z6lZOjlK4uE5LcPzJWy0AX99JvncOyqu9LLDIiU-IezAhABIJOY4HdglYKAgMgHoAHp9Iu_A8gBAakCNsTwkR9Hsj6oAwHIA8sEqgTIAU_QfMpwzcVPZqQJiu04lgQ7zTozh7UFT3rcVmffZ18J4X9Kjfglh2OjxGrPvOTsgy2SbbiBN86DRrNmJo2uUTkAfVKLkMik4c3k1VxpxFO2o3JD2MpTc_V2iecyeUUZfUFfkRraZd52J5ayZKqd9FzGKkMGxcKpMNzPF3pa2xhfI70D9uH4AGdUudBbjSxSmcOU0ojOXHpPCpu6tDCVJWE_fofsBcRDK28dHJafiavkWS0miL1zV2xI4ofIrE9x2HO89a-MEMbnwATo3vj5owOSBQQIBBgBkgUECAUYBIAHxaWDQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO2UOdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwqIFAXQFQGAFwGyFxwKGggAEhRwdWItNzczMTM1NjIyNzMxMDkzMBgA&sigh=M74g4G1omyI&uach_m=[UACH]&cid=CAQSKQBygQiDH1BMhRA_tlmR7uNWDX-B6mSiqRR7k7dUO2xjSvX6GpbKy1AaGAE&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7731356227310930&output=html&h=1200&adk=2310436509&adf=2873238076&w=1600&vpmute=0&format=1600x1200&url=https%3A%2F%2Fhes-goals.tv%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688575709617&bpp=1&bdt=758&idt=0&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=32668278212&frm=24&ife=1&pv=1&ga_vid=1263071458.1688575709&ga_sid=1688575709&ga_hid=785754829&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1592238476&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44759927%2C42532266%2C44788441%2C44796476%2C21065724&oid=2&pvsid=1977473505638320&tmod=780174454&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.whe44yr4zwzt&fsb=1&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Jul 2023 16:48:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame A98B 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/slotcar_library_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.boomplaygames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A98B 15 KB
11 KB 75ms
75ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac8f2d65a53b1f870d2e2b8535e7c2e1a7e4a45a28836a6ad7ac39d55edc06fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11226
x-xss-protection: 0

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 121 B
293 B 31ms
28ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281952
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c599004-FRA

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 81 KB
29 KB 35ms
33ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281952
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c5b9004-FRA

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 210 KB
62 KB 40ms
38ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 281952
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"01b31f3e100a09c2fbb450c0599a9d8e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c5c9004-FRA

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 205 KB
41 KB 56ms
54ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 282180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"00aa43670bf94cf802dd5797a4416a00"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c5d9004-FRA

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 2 KB
1 KB 32ms
30ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 282180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"471fc97e0f884da442b8dc6ac18e204a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c5e9004-FRA

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 151 B
212 B 31ms
30ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/62b84c937b967b1179968f61/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
Origin: https://hes-goals.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 282180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e2118939c5f9004-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 71ms
70ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b834a49e932bd9e5f2c6daf5eb08cac9688e46ec89b781fa9694285114feb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11393
x-xss-protection: 0

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame ED76 38 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: hes-goals.tv
URL: https://hes-goals.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 35ms
35ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1596984406&rv=36s0&cid=125316994&l=125316994.EC1.TC0.HTC0~*~GA241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 44ms
44ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=2132865890&rv=36s0&cid=G-098V1SPXWN&l=G-098V1SPXWN.L175.S19.E3302.EC5.TC12.HTC0~gtm.init.S0.V0.E20.TS5ogtgasend.TI16.TE1.TS5ogtreferralexclusion.TI18.TE0.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE2.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ccdconversionmarking.TI23.TE0.TS5ccdgaregscope.TI24.TE0.TS5ogtgooglesignals.TI25.TE0.TS5setproductsettings.TI26.TE1.TS5ccdgafirst.TI27.TE0~gtm.js.S0.V0.E11.TS5gct.TI13.TE0~gtm.dom.S0.V0.E9~gtm.load.S0.V0.E3~gtm.init_consent.S1.V0.E20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A98B 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 16:48:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js?cb=31075788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 16:48:31 GMT

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 52ms
34ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=62b84c937b967b1179968f61&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9fbd34503d41dcca2af8275ebaf2e0a4ad70df617bec80b9bb0a0189e4bc8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 814
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-p98d
server: cloudflare
etag: W/"2-51-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7e2118946d6d9004-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 400 start Show response
va.tawk.to/v1/session/ 64 B
317 B 152ms
151ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hes-goals.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://hes-goals.tv
access-control-allow-credentials: true
cf-ray: 7e2118954f403aa2-FRA
access-control-allow-headers: content-type,x-tawk-token
content-length: 64
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-48s7

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 154ms
141ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hes-goals.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://hes-goals.tv
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2118946d709004-FRA
date: Wed, 05 Jul 2023 16:48:31 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-93ml

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D0A1 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 14:50:02 GMT
expires: Thu, 04 Jul 2024 14:50:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29DB 783 B
535 B 31ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

feff721651a5948909737e16e3259ec5f71c05365a0ebd8936fa4e5065545cd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PzbDH9Lsx16JvOurAHxvqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.boomplaygames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PzbDH9Lsx16JvOurAHxvqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:31 GMT
expires: Wed, 05 Jul 2023 16:48:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1357 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 14:50:02 GMT
expires: Thu, 04 Jul 2024 14:50:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5AE7 783 B
536 B 49ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2fb529bea7e99244c537e9df4eb6eac31db1c0ac16154f19e453eb08c3a1bb67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9zyjziSW06LD0-n5ai2zIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hes-goals.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9zyjziSW06LD0-n5ai2zIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 16:48:31 GMT
expires: Wed, 05 Jul 2023 16:48:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame D0A1 38 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/languages/ 16 KB
4 KB 56ms
35ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 306387
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7e211894eea03aa2-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29DB 0
0 53ms
52ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=1977473505638320&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 1357 38 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 10:17:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5AE7 0
0 53ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=2371316093786648&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D0A1 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MC3c5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1357 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BfwVkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 16:48:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 5ABA 0
17 B 27ms
27ms Ping
image/gif 2a00:1450:4013:c1a::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljpydox3&c=8782262033701&slotId=4391131016850.5&qqid=CIHR69qC-P8CFQXDWwodKkwGSw&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.q4&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c1a::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A98B 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=1977473505638320&bg=!t7SltODNAAb90kgr3dI7ADkAdvg8WsVBEZunmWt3gdoG9ghIkrpCIWFjMBbLvLmIDSNPCSC_urJjho52-05do7bLipk55bCajAwCAAAAjFIAAAAEaAEHmQLDKFXqTqNJ-v640QZpkCGfQbFmjt61U-B-cM40z7rN3CZBrY5llMDnmPm4tdL59F8vJp-R-rRXU5QtFa9IHRLzNrAZPzmHunT3URr_7uOGl_tS9mmDwknOpO9fLwP6VBUkmlQCLN-PNomMhAYrQYBYCdoPpD5gXpzvHqGcon8LwEDj2f4N_R5G_w-TKUMHoBlAQSeodYJiaG7h-uskMl_OXUbcFKjpicFgDzz3pyETD4I560zVPAoEJMqgskinMW7e0vfZBTVaXjKOrq74wsh54-p_6m_8Ic5ZekYtxSjNgOkEy7fMusolurbh_6xyfi8QYSjIcV9AzGsZQz1BbRgMa693lQPLpAqeYVCThnaJqA78g5nytvzSB841VgrDXcyKNLPf3Rb1RNl3zOi2LbGRmgx_o_umc4bT_Fmig-t_KMVeCmx7ByqWck3xfrcr1M_Yp_cZ9ZKwJqCQNWD8e0VPvxLYdDHV6lqNl3oAfuXJcHfyDWpmC11AHRSaQlnKjNhkbsxgjM043p85tojDtVZbc3iKmbQhp8IYywmOFiToNZWoSC_uxONZT5C_SlXd6uyAJ3j3E6FKy46HU_wyNplVLUDw2h_2NfhqMZsb76qWxEo2AJ9mzsyQ2dmglZHzPlzTc1__zMBKXzYe8VNTjUifufzWH4NWWIX3k02yG-FytNI1VsmoT399rTBjsduHONJcC89KuDXhYuiqsAT0KXDT75RZjJ46x-C7TeF7EQorYPw9-y8Wd5PJWIwZN3b5_g0Y8mCuwXy7IVt01Cae2MDBJ8Pp7Lfkisu1w5JBInP3kEIEACVBUtRiOKkYnz9zALOz1n3J3znL3Ie7auH4OiH-Ervn7Kp8CU0jI2Lhc5KpsNA5h5OBvlksUEiIW_tj_B5w1jcVnUVG98BaNiVu4HICVtzGcNn-Q8kSYNBSmS7JTLmAXhs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boomplaygames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=2371316093786648&bg=!3t2l3YnNAAb90kgr3dI7ADkAdvg8WuQI7imuOx5z7xKjIMZQc5d6tePj6TxgMzXs_dVMlBGkdMNZRMvaAj08lVYPiWhnLtOgAuMCAAAAflIAAAADaAEHmQKiOmVl0476oKhYZhBZqKNByiJTx8KBsr95g1ydCRr0cC7bVxAsyNidHw8a_ImdBNPlXco6Sm9sBtKgM5joNilQWt3FX_pT04JctT-pJ2y7ltRT4UKwM6ZQmgm2kgqBx3uCsowunUCDNdChm2X0g42x8xaulrilR1B_hwjt_vFMfXtpi6TBLvwJK_hGG1ADC1GeWnnsEzYV12OMZ4E0zEOpYyDn2_pqxoiFdfcTuhiyGjqcZqnqtRFto7O5hPxcv6H0xx3uYvkj70iyTjBJDg_IRfKI1wbf4o7XEEzNezjlm_sel1cWzzI0bZLz-2PovlLYZBMopFlcuozoUEmsgbakis2hhtvdOEB9OhCv-ZKSmx5Q6vQD1j3Vlop9g5E3iL9q1aiz_CO5W19GLaUJaQgzNku-eFKHQ3s3my7x25Fb3GHM_6gvVsdneeUaLKLxGXfBlvMxQLh5kZaI4qtorGLkOkKohRnwLkekcyQxOadI-Aup6SNID4svfjqyW75nm5uZH9KtHo_-eFy9Joe9ncnk-SjF1W5D3Ck9f5T5Z1yevsi05Pki81IuzMT-qDCA4lcBO-JxNscPvv5Nboqk2HvAHCWjDvTkikEib0C_bb9_XhIuiDjihQup-_jO3il1v1Wlhi-6fkdIN0pqYETjxQRe4hCaggM-21AafCaYfiKCzuRktr_2E271tE2kCW9n4arSiKwSYqDIY_cv3eZB1D8Yi9Ih-x50oFDoPRA5Uo6pU8vWno3oG8tt8l4iM--rCCNsS-36PZlEw_-DGtwLPgHW3TXkhzh09zzlBNhEi_9l2QCMqS8DIGSsjgM3JfrS1gQtf2xD8jJRDdE-M91uwx49mmjUuBvjlRssnZktDhqqEWO_LkQBgwjJz3GwvxcSqmynX1U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hes-goals.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B58F 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaKVaW38hdys6VBFITbO9nllaVb6SOCFjNTLIDF_Pjjx_Ioyd2Jcbk6bJbNe3h-t2X0cxXJb1cEWuJ7If9kXUPVAqz858zk_KQmRVrBYIAi892yQfuNwXOu9fxWQCgOT-U450ZiEVc9UU3lJ8Lf6KZtZ2--MSoIzvpGswreDk&sai=AMfl-YS49OTp4gHX3e5okug8PmLxkWmYed0Gt-FOjs-zX0DYuoZDEBxQxN3mfvuAwYq9Pu5qtZGP0JKXNh6pIqAyx3gbHigRySp1dl4&sig=Cg0ArKJSzMa1FLDKJQFgEAE&cid=CAQSKQBygQiDH1BMhRA_tlmR7uNWDX-B6mSiqRR7k7dUO2xjSvX6GpbKy1AaGAE&id=lidar2&mcvt=1000&p=0,0,248,620&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2310436509&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688575711003&rpt=272&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 16:48:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hes-goals.tv/	1970-01-20 22:38:55	Name: _ga_098V1SPXWN Value: GS1.1.1688575707.1.0.1688575707.0.0.0
.hes-goals.tv/	1970-01-20 22:38:55	Name: _ga Value: GA1.2.37944306.1688575708
.hes-goals.tv/	1970-01-20 13:04:22	Name: _gid Value: GA1.2.1322896429.1688575708
live.demand.supply/	1970-01-20 22:38:55	Name: demandSupplyTi Value: 24e2a4ae-5a44-4ecb-84e3-628e0a5f47fc
.demand.supply/	1970-01-20 13:02:57	Name: __cf_bm Value: R3vuYJLQXwJ5bPBlg6VG7.MIKB._xOPWY5WU2PYWbA8-1688575707-0-AfCgnKrYvLjxTC7Sg5TX+T096qMgCMQr8do92pBM0lFl6nzsw4/HEBKpwkGCEAzFfEIB92mJJyCc01LT/qRkKNc=
.hes-goals.tv/	1970-01-20 13:02:55	Name: _gat_gtag_UA_262345773_1 Value: 1
.criteo.com/	1970-01-20 22:24:31	Name: uid Value: eed602ed-72a5-4583-9531-256be10c6f16
.hes-goals.tv/	1970-01-20 22:24:31	Name: cto_bundle Value: fT01R190ck4zUHl3bXA1R3JEM0daJTJCMXVjdE5DbEdTdHAweUM1ZERSMXhuMjljOVlHUEcxbndROEp6N1hHWEN6M0J0Tm5tUFA2VnJCQXk5UXZVTGhWYlVDUTdGanR4WG9LalZ2Qmc3THFjUkZGWjJzN1EwVzYyQlJTZ1F2ZWVMb3R5TCUyQmRKdDRUQ0JJa2tmVSUyQmFQZiUyRldaenE4dyUzRCUzRA
.hes-goals.tv/	1970-01-20 22:24:31	Name: __gads Value: ID=f688b5ba705df737:T=1688575708:RT=1688575708:S=ALNI_MYHDYp6hWbBV2xXQ8mYovcNDMqwWA
.hes-goals.tv/	1970-01-20 22:24:31	Name: __gpi Value: UID=00000c3733671c39:T=1688575708:RT=1688575708:S=ALNI_MawkSvU7ZD5Jj1WeDwz1tR06iliJQ
.doubleclick.net/	1970-01-20 22:24:31	Name: IDE Value: AHWqTUnn9Fkix6hj6JpXuAwOfPFkj6iiYWoKr7FwVmtQgfT4Qye-_7isNJ9DfNVa-Cg
.quantserve.com/	1970-01-20 15:12:31	Name: d Value: EAMBCQGyKYEA
.quantserve.com/	1970-01-20 22:33:10	Name: mc Value: 64a59edd-8cc13-661f1-269c9
.simpli.fi/	1970-01-20 21:49:58	Name: suid Value: 121054A96B134A3D81927EF1AB81355B
.turn.com/	1970-01-20 17:22:07	Name: uid Value: 8255852990433214092
.adform.net/	1970-01-20 13:47:34	Name: C Value: 1
.adform.net/	1970-01-20 14:29:19	Name: uid Value: 8463532471152354666
.doubleclick.net/	1970-01-20 13:02:59	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 21:48:35	Name: b Value: 64A59EDE55309A7C7E7FDD00BLIS
.de17a.com/	1970-01-20 21:41:19	Name: guid Value: 1.7616381758796102879
.adsby.bidtheatre.com/	1970-01-20 13:13:00	Name: __kuid Value: e7d327b1-d857-4ee4-b18c-daef261ee3cc.457789710
.360yield.com/	1970-01-20 15:12:31	Name: tuuid Value: 26fae6ee-c337-4712-9bd5-bea0878a4d26
.360yield.com/	1970-01-20 15:12:31	Name: tuuid_lu Value: 1688575710
.bidswitch.net/	1970-01-20 21:48:31	Name: tuuid Value: 2913d949-010a-4a82-864e-45c5eefa10c4
.bidswitch.net/	1970-01-20 21:48:31	Name: c Value: 1688575710
.bidswitch.net/	1970-01-20 21:48:31	Name: tuuid_lu Value: 1688575710
.sportradarserving.com/	1970-01-20 21:48:31	Name: zuuid Value: 42b6ddd7-f111-4590-a488-df8693f819cb
.sportradarserving.com/	1970-01-20 21:48:31	Name: c Value: 1688575711
.sportradarserving.com/	1970-01-20 21:48:31	Name: zuuid_lu Value: 1688575711
.sportradarserving.com/	1970-01-20 21:48:31	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:48:31	Name: zuuid_k_lu Value: 1688575711
.quantserve.com/	1970-01-20 15:12:31	Name: sp Value: CgsI2WUSBgjfvZalBg==
.ctnsnet.com/	1970-01-20 21:48:31	Name: gid_CAESEILu8MvIPeinTQsuy_LIyNc Value: 1
.ctnsnet.com/	1970-01-20 21:48:31	Name: cid_5a4b3d5c7b1b405f81ff689523cf0481 Value: 1
.tribalfusion.com/	1970-01-20 15:12:31	Name: ANON_ID Value: amntuJy4ZawFBA9MAJT7lNPff3KrMvZco1lJWGFgQc6biZc6gYAxMI7nrH56WZbZdYaP70VJThOTaFjXSMUPtdaNr3atP
hes-goals.tv/	1969-12-31 23:59:59	Name: twk_idm_key Value: 9mzfesktwMShrjcHazy5x
hes-goals.tv/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

446ca768f6101eb974d20754f4b8163a.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
ad.turn.com
ads.eu.criteo.com
adservice.google.com
api.scorarab.com
bcp.crwdcntrl.net
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
embed.tawk.to
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hes-goals.tv
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ius.ctnsnet.com
live.demand.supply
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
mediation.magnetssp.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
va.tawk.to
web-api.scorarab.com
www.boomplaygames.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.35.34
104.21.235.61
104.21.4.192
108.138.36.43
108.138.36.75
134.122.57.34
141.95.33.111
15.197.193.217
172.217.18.98
178.250.1.11
178.250.1.9
18.155.129.34
18.197.42.180
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.168
2600:9000:2250:d000:a:e047:753:be1
2606:4700:10::ac43:2642
2606:4700:10::ac43:266a
2606:4700::6810:8616
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2004
2a00:1450:4013:c1a::78
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:d::d
2a04:4e42:400::485
3.121.111.240
34.96.105.8
34.96.70.87
35.186.193.173
35.190.39.111
35.204.158.49
37.157.4.28
51.89.9.253
54.171.151.8
54.194.100.120
98.98.134.243
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02b209928f54d5bab5517ca9dea9af1f2675bce2d98c96203a82b756e7444d75
0364a2a3a2e3b6abcee9f28a49f6c4d07ee728277f97a872f6e8c30ae8c0808b
04c19866871960d5f764a0e629213d45cb3670fa273ded92884b05f1310bfbc1
081fa2dae56dba7ea3b94b69124bf7dac4bb19691146089ecf8c8cb91d764569
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a2b45b99a2c8cdb8ee20b4a1ab53375594044248f7d33070b636ce06d11bdce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbf7ee31ad3e09d42ecd4b3458b9e06113d0c9744e26289db7da1b8fd557ffd
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0dc6468a3e77397fedf2e7befb19600dc7111f3f7fc165a08f7b352ac6997f7f
0f920698736a8067fc75fd59138bd0d610f01d8dbf4f0ca6db7110b9e3970200
1374b8f07fff158a285cae4f10364b53b430f5460c29a56e7069c5044541d12b
13a80ef3063448c00840e283e683dd30c9ce6dd3a2727acb807939161f69cc4a
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
17e12bf7b8cffd82257eae0499a2f1d89c500c2342fc09b9d8e950edc63bb8ba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
22c4ecbc437ca2d24fa436ef7c1636b6e2dd08f8ed35d7dfaf4966f2e5af7a03
23de17aeb7ee137d285a2cacba75f32d415fc30b480707edca2c00d7d993b18b
251e698350d71b2099fca45f78c5400fa102df568973b193d25e7f79aea7e922
26c593439d52db01fdada987d794fdbebca4c3057c4189f382e9030a536e33ad
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
2869d4521c11b67c5464be455b4f81870ffc2f42a859262dbaaec63abc9b1142
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fb529bea7e99244c537e9df4eb6eac31db1c0ac16154f19e453eb08c3a1bb67
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ab67033bbf505e26b3abb5317160c34ccc866bcdcecb84014c26a75ca7e582
3371ba6cd8c41da32f0c4a26906282126e1229b336f9516295b722c11c80fdd2
33852fd93af285f5f764ba5a64a5dc274f176c9975ba6bfa26a18615fff7839b
3a0fa1432d03ea6463f191daf6cba5087f6a3889c94b8dc231f992c7474e0a42
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218
3e635e6c39fcb9637407a910b39111671ba82d0f9380cb7f83b0d48548d343bd
4036a7185b162d10f29251fd3a9cc441dd9231dd1e04c31db545d39581ccf40a
40d116f6e6bf9b32cbfa92d9192dc17522dd56764750a1c2dbd17c64913a051e
410caaf712162d6c453260d9907e548a53092ad3a86b1f019d9867aa6a93b8b0
416e4d0f6bc2bdddb348dcf8fa16b87e698b0c3a40e42303298b9ef8683ea200
43cccd4816bb99c9b539492e30d6a18a24702fea9b763c91b3cf91d403f10c93
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
46694a456711f854acf918bf369e0ce435264b9bb101fe05b5605ef4aa68fe22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471d1441e10580906ddefbe4cfb90f60ba5a73ff217739fdb927a06d38694ab5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4bb033ea7a2a04c5459311db0d05fdf49fa1c1478b61e7db9e8358dcebfc9504
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc1555887b8868234b3d67cf28cda945f83e7bef9dbac50e418091f1cac9ca8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
514462b829dd90b56ff75956be1db4427c0008312b048ab3a305aedee432b559
5304014e622ac98de071a2c770367be73b02febed61706a5570ec18011a896c0
53b834a49e932bd9e5f2c6daf5eb08cac9688e46ec89b781fa9694285114feb7
53c8e12b1eecfdd19a3dd422e55c59fa464b5b8d79c1c3a496c5464012a7c2e0
553ae0bf096177f4d85b26a41d255124f5e812a830cc2b47a7fda8d2c05a4cb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f8164fc4d266417200fa79515999810bd90f88c2e7ff2b92a8de8a5a9e9e65
56c7c259204af647ab87fff5af225230b7c086ff68217fb411d4bcd7a4c6a91b
5b611e89fa1a6b58cbc1db830dffd3ff972ce5727f6397510a60332cc2218055
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbfdba5871eaddafdcea0b9eaf328fb4c1fc338adf5526f7f991c3f087865c7
5f18028a8c8f9685c4c8b79a102de82aefe1786bc627d1af57db26834903e1a9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bf4b5a9f50e5f894564da29105683eddc709f3511c08fe628db41dd52d9c30
642a0bd8ae906593d947df50fe877f4055de38b225a0c41c42aca1636efa5c2e
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
692b46845c725581162b874de07dd36f32a92e1c77f44e83a51dc5fe66c1e1f1
6a3c9c69544c839d178db96a6e58336a41fe05d41cb6de5ec0fd85e9fa6f3cbf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d6996455ef875c8e74b317f198c28048626813d28ca154244cd9e86134fcd22
6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13
6f491106c4564f17841d49d018efaf5e4671fe8b0200d2612aaf74d76a0320d3
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72fe8c33fe10e9e43164ef94d9a35b9a3549ef6501e0eedea8693f86cc3756d4
76a110577feffe879a6a5321da0f937b26f6f779b35891f882896abcdde3cba7
771f240b104a02793da605bcf6c5d4c3c7760d5f315a7736a7e8a355fdfda51e
78007c2c998efc58a117a755e2151f0b3db2f5b7e21c8a960b2384287d424411
798216b41863d068ba10c6d81dff0e44f59cca71f4e0761e160934774d0aa777
7a7738e3b4ced86866bc4b9745aa9375eb3c2da2a93dfc7e7a52ab41a50da4b1
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7f9fbd34503d41dcca2af8275ebaf2e0a4ad70df617bec80b9bb0a0189e4bc8b
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
8387b57a118935f8019c446fd39e34f5c72f0dd3ab3f56a090f4a42dba73fcf7
83f0ab6013485bf0bc5b7dd069ee648de9311fa6a6b86a34b96a7c4ffbd42479
84956bd6e1589e89b06898b6dcdc954ee9d6cd0066d53bab308e4fa797e633bb
84eb928b53866586291fbc8dd8fce5ab58341fc0e46afc858f2436350b71f80d
85b11773eb90e2899f2944954ba836cc43c0535a1cbc05e75cbe8f54aa87706d
870fe3ad57f364db1b1d4376a052dbc10e9ebb62f59e389e075fe3b4e7c1ac94
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e22df30974dbc894ac8902a184d73fab4bac48257b32e4dba9a46b4c6e3ac31
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
979b564456810f2a7c3f5f808bf473242eb85747580fdf53bf99856a4167be64
980f0ef5cc8a1dd223ce90e7c93ecc6108d5d7c1fbf6a619e297ee635b908d40
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a192048906ff3ff26b970b22681b6f995bc963f1952fdfd7fe2fe8447deeee9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b115ab2bfee0ecb367bcc5a4870cac98d54aa613c73dd6a79f9be6bb2ccf362
9cd1336841f9b6a47bfefd1304c8f86d2a04a768358ef88a6144130074555e30
9d07b247a5737c7c856df82bfcec6691d22ab84c4983b6c98a33ed192f3f95a4
a0a5cb9c599aeb2464d76dd343c31dabc25bd06497024a59de3abb576585e3fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fd8366f85ca9b53a88fba4c1a9a2a043d273e1152b923af231ebcd708fbb26
a43e5ef4e08adc47c6cd09cccf45a037743c09fc5c97250fa324706c80d8f046
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6482849860cec9c85f0b28a58d829013b52b1c774f20255cf6100f66c1ab46d
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6f1fb3a353b36584814bd6f0b8915e5f8a7cd6c32b4dd19579ac0f577e2ff05
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a725e32f71488cc1f0cb0e25b6f3a4ba8ee76a8218c5e7969d4b9dee002bb4eb
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ac8f2d65a53b1f870d2e2b8535e7c2e1a7e4a45a28836a6ad7ac39d55edc06fb
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b186db623b650dc488d5c1ac1bb3bd231eeb3450ef21bd2ff5287cda1201acb7
b24b97eba7a64f23317020f937bf3852cf87bc699bca89c65df2893773654d7f
b5ad4f7fe1de2ea12066252dfc254958ce71d33f1abec36e537928e6f56deae8
b5c3f51b47bbb58a51f038cfd86c6222d614ff7a586d931daa99d58ab1b11fc6
b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c334fe640b85a39b39afcb3fb696fb65a0f38f61d4aa04e4daeb4b2736721a53
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c6e448c90506bfb14bbb711d307a2e4f6aa79062fdc35c8224e1849c76ba368a
c9af2879b74e7fdaedf2ba271f9eebf592a7068f8a48bae63693ec9e45d2efbe
ccadf91ea6b253cde980f628757f2108644f3aceebabff1f109f87ceb713fdb1
cdb89e8e7f3b2aca3261b9b82d5712d14b4a44d30e3823b2a452114ef31d7f6b
cf923ba7808582538fe2d8b53ff2dba1a85df20156e67bb9284ff36f788f7023
d4afcd9f5c6ed612b8d826b1cab671242751bf28bb91a2f321f91d40722a4696
d50e12b32a9f597e7db520fcf93c0db0703ce8b2f22977ca7e8b8d7297f06bad
d5935bd4c9f228a9ab62c6ef3684fb301a4386e19ffc4323cffdc9eed11035b4
d93b2ad3f1c0e8b5a43c517d409b28d015eb3ccd5f11beed827d6ecfbf16cf4a
daf7cc0ceb592620be8a91d4cd7658e166f9f1bed4423d584632d9fe5465696d
dc4ee6fd5625e3388a2180c439508e6bd7e1affd4b7a74e23a02ea735253296a
dc8075a55cee5d7614df571fab514c2108024826f009287327a2bf9938a976a5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
e99b649854621c01ca000e9b0c3f5e2115592a4f73b33395fac5b7c648e29820
ea1761bc55feeb90d28161e8cd9be009554508bff69eb35367bad32a600da940
ecc6ccff0a918981f75bc00d318fb0f30a422c2d48d63fa6e0dc0f123d91a33b
ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23
eeff21a699dabd0291e0f9677c7cdd5e198f2c70abcea9afe1329c4f9e528e8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef812cd33b232e61ac15a916b88aa527de30d12e88ae3cef5f56b6ef6f23d28d
f034bd8f875925a386dcfe81dd78d184e4b473552a6c34700d9f6355fb5b2f2c
f05360cfc3cd26232144b02b779fb3b5a43d49c0f32ff4cee143483fe69566d8
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
f5aaa92dcc869c3873f221c39a6e2e3da467946be14d5dd7a3c376e6f0a89c21
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f7ead8acc98b6a7af25bbfe2a100d23bcabfc6cc32a04f8ad733ddd149020445
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
f99bc745cc2417fc3b9fa7813042d516d77385fdbf5e95ef870f2c1afcec9b6c
fcd9c6fbad9f836bf9779d5d585cc45d2604c454d0b2bd9d46923ba8c5cfe202
fd281e860ca39a5f29c0d3483ce6cf03ef62d263f901d8bb5f66eb21b4187b5f
fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39
fe98d3a5568bb80babecb5a468ae76be08171334656bcf826779951b5cfa415e
feff721651a5948909737e16e3259ec5f71c05365a0ebd8936fa4e5065545cd1
ff24e055ee2587d6a90d6256a9aa1fb460ed6b4842a44bac39d81656959d7d61

hes-goals.tv Open in urlscan Pro 104.21.235.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

275 Requests

93 %HTTPS

55 %IPv6

40 Domains

60 Subdomains

47 IPs

9 Countries

6195 kBTransfer

10068 kBSize

37 Cookies

4 Outgoing links

Redirected requests

275 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hes-goals.tv Open in urlscan Pro
104.21.235.61 Public Scan

Screenshot
Live screenshot

Full Image

275
Requests

93 %
HTTPS

55 %
IPv6

40
Domains

60
Subdomains

47
IPs

9
Countries

6195 kB
Transfer

10068 kB
Size

37
Cookies

275 HTTP transactions
4 data transactions