heroesneverlose.com Open in urlscan Pro
23.226.8.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heroesneverlose.com/
Submission: On July 19 via manual (July 19th 2022, 5:30:01 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 21 domains to perform 155 HTTP transactions. The main IP is 23.226.8.98, located in Hong Kong and belongs to UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK. The main domain is heroesneverlose.com.

This is the only time heroesneverlose.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Target (Retail)

Domain & IP information

	IP Address	AS Autonomous System
18	23.226.8.98 23.226.8.98	23881 (UDOMAIN-A...) (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd)
3	2606:4700:303... 2606:4700:3037::ac43:c2db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
10	2a02:26f0:350... 2a02:26f0:3500:596::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	151.101.130.180 151.101.130.180	54113 (FASTLY) (FASTLY)
28	35.215.138.177 35.215.138.177	15169 (GOOGLE) (GOOGLE)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1 2	3.218.155.137 3.218.155.137	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	23.35.229.201 23.35.229.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	213.254.244.106 213.254.244.106	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
155	23

18 23.226.8.98 (Hong Kong)

ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK)

heroesneverlose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:c2db (United States)

ASN13335 (CLOUDFLARENET, US)

bd51static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:3500:596::9b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

target.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.130.180 (United States)

ASN54113 (FASTLY, US)

assets.targetimg1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
taglocker.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gsp.target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 35.215.138.177 (Central, Hong Kong)

ASN15169 (GOOGLE, US)
PTR: 177.138.215.35.bc.googleusercontent.com

www.168xykai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

staging-ps.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.155.137 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-155-137.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-201.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.254.244.106 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api.api68.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	168xykai.com www.168xykai.com	133 KB
18	heroesneverlose.com heroesneverlose.com	1 MB
12	doubleverify.com 2 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 491 tps.doubleverify.com — Cisco Umbrella Rank: 494 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10922	224 KB
10	targetimg1.com assets.targetimg1.com — Cisco Umbrella Rank: 10265	422 KB
10	scene7.com target.scene7.com — Cisco Umbrella Rank: 6958	301 KB
7	googlesyndication.com e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 166	263 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231	143 KB
7	target.com api.target.com — Cisco Umbrella Rank: 7604 redsky.target.com Failed redoak.target.com Failed typeahead.target.com Failed taglocker.target.com — Cisco Umbrella Rank: 12829 gsp.target.com — Cisco Umbrella Rank: 10509 Failed	2 KB
5	api68.com api.api68.com — Cisco Umbrella Rank: 487254	5 KB
5	51.la sdk.51.la — Cisco Umbrella Rank: 53753 collect-v6.51.la — Cisco Umbrella Rank: 51857	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	114 KB
3	bd51static.com bd51static.com	4 KB
2	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 4932	687 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 410	806 B
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1303	580 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 103	549 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 6937	792 B
1	ispot.tv staging-ps.ispot.tv — Cisco Umbrella Rank: 184268	430 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 637	33 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	rlcdn.com Failed api.rlcdn.com Failed
155	21

	Domain	Requested by
28	www.168xykai.com	heroesneverlose.com www.168xykai.com
18	heroesneverlose.com	heroesneverlose.com
10	assets.targetimg1.com	heroesneverlose.com
10	target.scene7.com	heroesneverlose.com
7	securepubads.g.doubleclick.net	www.googletagservices.com heroesneverlose.com e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
6	cdn.doubleverify.com	2 redirects e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com heroesneverlose.com
5	api.api68.com	www.168xykai.com
4	tpsc-frc.doubleverify.com	e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com cdn.doubleverify.com
4	tpc.googlesyndication.com	e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
4	collect-v6.51.la	heroesneverlose.com
3	e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	gsp.target.com	heroesneverlose.com
3	www.googletagservices.com	heroesneverlose.com e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
3	bd51static.com	heroesneverlose.com
2	tps.doubleverify.com	cdn.doubleverify.com
2	idx.liadm.com	1 redirects heroesneverlose.com
2	gum.criteo.com	1 redirects heroesneverlose.com
2	taglocker.target.com	heroesneverlose.com
2	api.target.com	heroesneverlose.com
1	as-sec.casalemedia.com	heroesneverlose.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	staging-ps.ispot.tv	heroesneverlose.com
1	js-sec.indexww.com	heroesneverlose.com
1	sdk.51.la	heroesneverlose.com
0	match.adsrvr.org Failed	heroesneverlose.com
0	api.rlcdn.com Failed	heroesneverlose.com
0	typeahead.target.com Failed	heroesneverlose.com
0	redoak.target.com Failed	heroesneverlose.com
0	redsky.target.com Failed	heroesneverlose.com
155	30

This site contains links to these domains. Also see Links.

Domain
weeklyad.target.com
www.target.com
www.cvs.com
corporate.target.com
help.target.com
roundel.com
www.bullseyeshop.com
investors.target.com
partners.target.com
plus.target.com
contactus.target.com
security.target.com
www.pinterest.com
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.tiktok.com
814146.com
es-csqz.com
disizm.com
gracemanpeter.com
birthl.com
huawenes.com
shangmsh.com
yangletou.com
trip92.com
bebsns.com
palmbeachstylist.com
azz1664blanc.com
dsn151.com

Subject Issuer	Validity	Valid
*.scene7.com DigiCert SHA2 Secure Server CA	`2022-01-23` - `2023-01-24`	a year	crt.sh
opus.target.com GlobalSign Atlas R3 OV TLS CA 2022 Q2	`2022-05-18` - `2023-06-19`	a year	crt.sh
www.168xykai.com R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.ispot.tv R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://heroesneverlose.com/
Frame ID: 8D50FC63C96BCDA3435B372D1F38EFE5
Requests: 80 HTTP requests in this frame

Frame: https://www.168xykai.com/webapp/html/aozxy5/index.html
Frame ID: 30E2D330F0E313C7757AE96A2EC6EE1C
Requests: 28 HTTP requests in this frame

Frame: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28DF1CDD9AE004679B5BEF9C97F508A0
Requests: 1 HTTP requests in this frame

Frame: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 085493C6D071043A795C3E2EE3B0393B
Requests: 7 HTTP requests in this frame

Frame: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CF12079AEF3A659E350B241ECAEA4FA0
Requests: 7 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2916.js
Frame ID: F1DB356F9D49968851C46AB9E03DDC15
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2916.js
Frame ID: D5AC3D943393432A9F3C24D04E67C475
Requests: 4 HTTP requests in this frame

Frame: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
Frame ID: B38EE472C802C85C0A3CA099580EF5C8
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澳洲幸运5|澳洲五查询|澳洲5记录|澳洲幸运官网开奖|Target : Expect More. Pay Less.

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

57 %
HTTPS

41 %
IPv6

21
Domains

30
Subdomains

23
IPs

7
Countries

2763 kB
Transfer

9280 kB
Size

17
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://weeklyad.target.com/
Title: Weekly Ad

Search URL Search Domain Scan URL

URL: https://www.target.com/yr/crush?lnk=acct_nav_crush
Title: Favorites

Search URL Search Domain Scan URL

URL: https://www.target.com/account/orders
Title: Orders

Search URL Search Domain Scan URL

URL: https://www.target.com/yr/crush
Title: Favorites

Search URL Search Domain Scan URL

URL: https://www.cvs.com/immunizations/covid-19-vaccine
Title: COVID-19 vaccines now available Make an appointment for your free vaccine through CVS Pharmacy® at Target. No cost with insurance or through a federal program for the uninsured.

Search URL Search Domain Scan URL

URL: https://corporate.target.com/corporate-responsibility/sustainability-strategy
Title: Target ForwardLet’s move toward a more equitable & regenerative future together. Explore our sustainability strategy.

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/purpose-history/our-commitments
Title: Our commitmentsLearn more about our commitments to ethics, human rights & more across our business.

Search URL Search Domain Scan URL

URL: https://www.target.com/c/target-privacy-policy/-/N-4sr7p
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=Current+promotions&parentcat=Promotions+%26+Coupons&searchQuery=search+help
Title: *See offer details. Restrictions apply. Pricing, promotions and availability may vary by location and at Target.com

Search URL Search Domain Scan URL

URL: https://corporate.target.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://corporate.target.com/#?lnk=fnav_t_spc_1_7
Title: News & Blog

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/products-services/Target-Brands
Title: Target Brands

Search URL Search Domain Scan URL

URL: https://roundel.com/?utm_source=Referral&utm_medium=Targetwebsite&utm_campaign=advertisewithus
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.bullseyeshop.com/
Title: Bullseye Shop

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/purpose-history/our-commitments/target-coronavirus-hub
Title: Target's Coronavirus Response

Search URL Search Domain Scan URL

URL: https://corporate.target.com/corporate-responsibility
Title: Corporate Responsibility

Search URL Search Domain Scan URL

URL: https://corporate.target.com/press
Title: Pressroom

Search URL Search Domain Scan URL

URL: https://investors.target.com/investors?c=65828&p=irol-IRHome
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://partners.target.com/
Title: Affiliates & Partners

Search URL Search Domain Scan URL

URL: https://corporate.target.com/about/products-services/suppliers#?lnk=fnav_t_spc_1_16
Title: Suppliers

Search URL Search Domain Scan URL

URL: https://plus.target.com/
Title: TargetPlus

Search URL Search Domain Scan URL

URL: https://help.target.com/help
Title: Target Help

Search URL Search Domain Scan URL

URL: https://help.target.com/help/productrecallpage?childcat=Product+recalls&parentcat=news+%26+safety&searchQuery=search+help
Title: Recalls

Search URL Search Domain Scan URL

URL: https://contactus.target.com/ContactUs?Con=ContactUs&searchQuery=search+help
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?parentcat=Compliance&childcat=Accessibility&lnk=fnav_t_spc_1_21
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://security.target.com/
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=Size+charts&parentcat=Product+Support+%26+Services&searchQuery=search+help
Title: Size Charts

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/target

Search URL Search Domain Scan URL

URL: https://www.facebook.com/target

Search URL Search Domain Scan URL

URL: https://www.instagram.com/target

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Target

Search URL Search Domain Scan URL

URL: https://www.youtube.com/target

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@target

Search URL Search Domain Scan URL

URL: https://help.target.com/help/subcategoryarticle?childcat=CA+Transparency+in+Supply+Chains+Act&parentcat=Compliance
Title: CA Supply Chain

Search URL Search Domain Scan URL

URL: http://help.target.com/help/productrecallpage?childcat=Product+recalls&parentcat=news+%26+safety&searchQuery=search+help
Title: Recalls

Search URL Search Domain Scan URL

URL: http://814146.com/
Title: 168极速赛车官方网站

Search URL Search Domain Scan URL

URL: http://es-csqz.com/
Title: 幸运飞飞艇官网开奖网址

Search URL Search Domain Scan URL

URL: http://disizm.com/
Title: 168极速赛车在线开奖官方网站

Search URL Search Domain Scan URL

URL: http://gracemanpeter.com/
Title: 澳洲幸运8开奖直播结

Search URL Search Domain Scan URL

URL: http://birthl.com/
Title: 澳洲5历史开奖记录官方网app

Search URL Search Domain Scan URL

URL: http://huawenes.com/
Title: 幸运飞艇168官方开奖网

Search URL Search Domain Scan URL

URL: http://shangmsh.com/
Title: 澳洲幸运8历史查询

Search URL Search Domain Scan URL

URL: http://yangletou.com/
Title: 一分钟极速赛车官网

Search URL Search Domain Scan URL

URL: http://trip92.com/
Title: 幸运飞艇开奖历史号码

Search URL Search Domain Scan URL

URL: http://bebsns.com/
Title: 极速赛车开奖历史记录

Search URL Search Domain Scan URL

URL: http://palmbeachstylist.com/
Title: 澳洲幸运10

Search URL Search Domain Scan URL

URL: http://azz1664blanc.com/
Title: 澳洲幸运5分彩开奖记录

Search URL Search Domain Scan URL

URL: https://dsn151.com/
Title: 彩票官网

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://gum.criteo.com/sync?c=347&r=3&a=1 HTTP 302
https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

Request Chain 66

http://idx.liadm.com/idex/ie/any HTTP 308
https://idx.liadm.com/idex/ie/any

Request Chain 117

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=7d512051528e449cb82e18d40150d502&cbust=1658251796853558 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=7d512051528e449cb82e18d40150d502&akipv6=2001:1b60:2:240:3247::6

Request Chain 118

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=a14958d432014688bfdac23388f277cc&cbust=1658251796858915 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=a14958d432014688bfdac23388f277cc&akipv6=

155 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
heroesneverlose.com/ 383 KB
75 KB 1318ms
230ms Document
text/html 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: a9dd42bf071ee7b8446dc6ec88643c23bdf86f75aa1bef96cd40c0cb9fa04ff0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Jul 2022 17:29:52 GMT
ETag: W/"61d94a6c-5fdc5"
Last-Modified: Sat, 08 Jan 2022 08:25:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK ssx.mod0df9.js Show response
heroesneverlose.com/images/ 979 B
1 KB 271ms
267ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/ssx.mod0df9.js?async
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 046792693897976abb56b2c35ff75cb9d23967689c13490f197c7283280d00d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Last-Modified: Fri, 07 Jan 2022 10:47:04 GMT
Server: nginx
ETag: "61d81a28-3d3"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK web.4aadc855.js Show response
heroesneverlose.com/images/ 167 KB
52 KB 411ms
204ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/web.4aadc855.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 1a0a0635fb1e006c86a6829a8819d9f16c5d092bed071dd1b1936dc93ded8b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:18 GMT
Server: nginx
ETag: W/"61b7efae-29ac5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK nicollet.0cbdb86d.js Show response
heroesneverlose.com/images/ 174 KB
51 KB 440ms
227ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/nicollet.0cbdb86d.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 39132c14b5a679cded4d3716ce574c2fd7f7dfe195567b667f6a7ca8e09d7f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:18 GMT
Server: nginx
ETag: W/"61b7efae-2b82c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK vendor.c5fc56c9.js Show response
heroesneverlose.com/images/ 855 KB
302 KB 422ms
209ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendor.c5fc56c9.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 478d0bbd46898117c0c6c969a2b02f15892f485fdf1189e615596593231b6523

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:19 GMT
Server: nginx
ETag: W/"61b7efaf-d5ce5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK client.b33bca79.js Show response
heroesneverlose.com/images/ 1 MB
428 KB 475ms
262ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/client.b33bca79.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 90f756d8c92a5128c97bd2f9529d12aa9a389114a0a9f46440ac2ba052483626

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jan 2022 20:45:13 GMT
Server: nginx
ETag: W/"61d36059-171461"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK default_axiom_axiom-advanced-returns_axiom-batch_brands_gift-card_gift-card-balance_home_order-track_cf849c24.98d69e40.js Show response
heroesneverlose.com/images/ 52 KB
11 KB 514ms
243ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_axiom_axiom-advanced-returns_axiom-batch_brands_gift-card_gift-card-balance_home_order-track_cf849c24.98d69e40.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: e79c6e8abe5bbf62f7bdb994e8ce35dac5fa4970f8201a4b3695cb7083cffb88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:14 GMT
Server: nginx
ETag: W/"61b7efaa-cf71"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK home.6dadbe60.js Show response
heroesneverlose.com/images/ 17 KB
6 KB 622ms
206ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/home.6dadbe60.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 54c871fcad054977c3ae7fa603a999d734dd3260d04cdbc2b997366e5c9a9410

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:15 GMT
Server: nginx
ETag: W/"61b7efab-4575"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_bia-carousel_brands_cart-routing-page_choose-options-content_choos_8ac81c83.11550f16.js Show response
heroesneverlose.com/images/ 17 KB
4 KB 755ms
208ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_bia-carousel_brands_cart-routing-page_choose-options-content_choos_8ac81c83.11550f16.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 01a93dfbac49ab4011cc775caeaacb982c7c4d99fd58881a5ca39e5f3666c5cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-4589"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_beautyarcontainer_bia-carousel_bundle-filmstrip-exp-2367_cart-rout_f770c74d.003e5fd6.js Show response
heroesneverlose.com/images/ 38 KB
13 KB 830ms
208ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_beautyarcontainer_bia-carousel_bundle-filmstrip-exp-2367_cart-rout_f770c74d.003e5fd6.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 809620cef78af3e67e7f6c3deb2919aa90d07347178bae77791a723624981ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-9639"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK vendors_aisles-products-container_bia-carousel_choose-options-content_content_custom-plp_deal-detail_51e04b4a.e233ea5c.js Show response
heroesneverlose.com/images/ 10 KB
3 KB 1235ms
479ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_aisles-products-container_bia-carousel_choose-options-content_content_custom-plp_deal-detail_51e04b4a.e233ea5c.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 69306c3dd976f4d8e0c29cbddd3c9ca2264ed87e829001dcd2628d4e1a030786

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 23:01:40 GMT
Server: nginx
ETag: W/"61b13954-28ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK vendors_ar-filmstrip_bulk-box_content_delivery-hub-search-modal_exp-1705_lazy-recs-component_order-l_1a340b4b.1723a01c.js Show response
heroesneverlose.com/images/ 20 KB
6 KB 1043ms
220ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/vendors_ar-filmstrip_bulk-box_content_delivery-hub-search-modal_exp-1705_lazy-recs-component_order-l_1a340b4b.1723a01c.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 733daa7484751548c4eec2749ef727cf72da020952bd868f6b7c78fb7564be88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 19:47:26 GMT
Server: nginx
ETag: W/"6114294e-50e4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK content.f787458e.js Show response
heroesneverlose.com/images/ 417 KB
120 KB 1045ms
213ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/content.f787458e.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: ddbbac1ac090468fa41ce9b50b5c4bd86435866bd7cc1a0ead560ca55733e56f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 18:32:53 GMT
Server: nginx
ETag: W/"61bb8655-685fa"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:53 GMT

GET
H/1.1 200
OK default_ar-filmstrip_bulk-box_exp-1705_lazy-recs-component_recently-viewed_sapphire-2527-personalize_46dcc199.f96801dc.js Show response
heroesneverlose.com/images/ 22 KB
8 KB 1060ms
213ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_ar-filmstrip_bulk-box_exp-1705_lazy-recs-component_recently-viewed_sapphire-2527-personalize_46dcc199.f96801dc.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: afe7c81e459667fb7addee71da365e8941bfa065e63438018d861351cfc0d33d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Nov 2021 18:03:43 GMT
Server: nginx
ETag: W/"618eac7f-57d2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:54 GMT

GET
H/1.1 200
OK default_sapphire-2527-personalized-ugc-home_sapphire-2528-personalized-ugc-category_ugc-content.30e5b312.js Show response
heroesneverlose.com/images/ 15 KB
5 KB 1255ms
206ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/default_sapphire-2527-personalized-ugc-home_sapphire-2528-personalized-ugc-category_ugc-content.30e5b312.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 0a81ea919d1a25e409516fd6518af325fde9d7718e6dc84c38fb696c607ef0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Dec 2021 01:46:56 GMT
Server: nginx
ETag: W/"61a97710-3b52"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:54 GMT

GET
H/1.1 200
OK ugc-content.d57b9380.js Show response
heroesneverlose.com/images/ 57 KB
17 KB 1270ms
206ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/images/ugc-content.d57b9380.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb440bbe7f4688873a86d4b9c1dc1db13cc57210b365b269a38febbc8510ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Dec 2021 01:13:16 GMT
Server: nginx
ETag: W/"61b7efac-e3c8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:54 GMT

GET
H/1.1 200
OK 2er.js Show response
bd51static.com/ 1 KB
1 KB 93ms
54ms Script
application/javascript 2606:4700:3037::ac43:c2db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/2er.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3c6f6caa770ec53b05be3f22fe90bbe8f46545e2e554b1815b41658b491412

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 38121
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:57:28 GMT
Server: cloudflare
ETag: W/"61baff78-456"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUxuLGEAWCVez0n3vBCuP91%2BnsJJrRRj4T0ZtBYSHKcc0E%2BTvGSFORWyVc165U3x%2F9CdkJkyqlJCHseFW8%2FpZmto7tZ5JlzMHQ25fWj2cBlHuOVpKH42Kof%2F3RT6sabxMX5Ih%2Bf7k013d5TtEg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 72d52e8ae9519244-FRA
Expires: Tue, 19 Jul 2022 18:54:32 GMT

GET
H/1.1 200
OK 0zq.js Show response
bd51static.com/ 554 B
1 KB 72ms
34ms Script
application/javascript 2606:4700:3037::ac43:c2db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/0zq.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e282ece85fdead2331e1d46c6ae38d8c3a82efa65496425b75de473ff1ae310

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 7597
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:54:31 GMT
Server: cloudflare
ETag: W/"61bafec7-22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0Yh%2FLtc1iijYg17IFjliEIiJtCmlCGTrhWY3Q3oIhDMK5fc6tGZMTXjIgZ3Ihwou%2B%2F3naZU%2BkGGzeJpTCKSM%2BSY2fHV29dNz7r%2BJe4t8ccBwAS2f%2B03pND7lhLhlMv40AqKKUpD7OrE4IbwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 72d52e8ae9519b70-FRA
Expires: Wed, 20 Jul 2022 03:23:16 GMT

GET
H/1.1 200
OK 000zq.js Show response
bd51static.com/ 554 B
1 KB 78ms
40ms Script
application/javascript 2606:4700:3037::ac43:c2db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bd51static.com/000zq.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7c94d6bc1fa1836b7656846998a9924de3741de5c9980fc08087a28020915c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2666
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 16 Dec 2021 08:56:35 GMT
Server: cloudflare
ETag: W/"61baff43-22a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAO0aSeCW44sP2WXP02cB2H55kxNjwz%2B%2FPS18NB61DXddRuKemsLbauEojIsMC9eHdsQcWh1R0po9M7hkFmKy85FRz3sdIriPvmkUoYkaijHf3yvM5nFZCzABRTwfB8B%2F0HbrGioyKWPLd2maA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 72d52e8aed9a5c3e-FRA
Expires: Wed, 20 Jul 2022 04:45:27 GMT

GET
H/1.1 200
OK main.js Show response
heroesneverlose.com/ 1 KB
908 B 1457ms
223ms Script
application/javascript 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/main.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: c939f66194c0917a84cf4bc054dd45a575f9b7b219b4127fe3915681c8bfd81f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 Apr 2022 03:56:40 GMT
Server: nginx
ETag: W/"626cb378-485"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 20 Jul 2022 05:29:54 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 230ms
112ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Server: openresty
ETag: W/"62d0e7a4-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 Wellness_Grid_Desktop-211209-1639077974803
target.scene7.com/is/image/Target/ 164 KB
164 KB 295ms
222ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_Grid_Desktop-211209-1639077974803?wid=2160&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

01f555cd17b43727b8cc4cd18dedd0e733f66e5dddee1a28b002f6cf694e8836

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
last-modified: Thu, 09 Dec 2021 19:26:18 GMT
server: Unknown
etag: "43542a7f07fc0406649f7f1d7f144cb5"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 167522
expires: Wed, 20 Jul 2022 03:29:54 GMT

GET
H2 200 Wellness_SB_AIM_Djpgcopy_T-211222-1640196459617
target.scene7.com/is/image/Target/ 20 KB
20 KB 223ms
150ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_AIM_Djpgcopy_T-211222-1640196459617?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

d2d6d7749d15f49caeb37cfc4170ce1d61e823627a36e7f349defd2429089646

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
last-modified: Wed, 22 Dec 2021 18:07:42 GMT
server: Unknown
etag: "cb744562c6ea8715497b5ac6a367f87c"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 20563
expires: Wed, 20 Jul 2022 03:29:54 GMT

GET
H2 200 Wellness_SB_AIM_Djpg_T-211222-1640196471023
target.scene7.com/is/image/Target/ 20 KB
20 KB 349ms
276ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_AIM_Djpg_T-211222-1640196471023?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

2dd509be95d1bc89631a970c86f557f2c482ec5c42a8c3ec815b57dbd9358bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
last-modified: Wed, 22 Dec 2021 18:08:00 GMT
server: Unknown
etag: "161947fee68471a29e44483156f0f8d8"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 20323
expires: Wed, 20 Jul 2022 03:29:54 GMT

GET
H2 200 Wellness_SB_Fitness_Djpg-211227-1640624407360
target.scene7.com/is/image/Target/ 16 KB
16 KB 370ms
297ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_Fitness_Djpg-211227-1640624407360?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

0cf298905a6876b2243e3e4c09127a089c1728d910bf171ac8bf1c5d4b954df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
last-modified: Mon, 27 Dec 2021 17:00:10 GMT
server: Unknown
etag: "c14c736fe1a6949b034dabe8684e83f0"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 16090
expires: Wed, 20 Jul 2022 03:29:54 GMT

GET
H2 200 Wellness_SB_Nutrition_Djpg_T-211222-1640196488253
target.scene7.com/is/image/Target/ 26 KB
26 KB 266ms
194ms Image
image/jpeg 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/image/Target/Wellness_SB_Nutrition_Djpg_T-211222-1640196488253?wid=526&qlt=80&fmt=pjpeg

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

03b314f0ccde18fc10dee3b6359c0fd3cba040c776d9c9a2adc95b74531566d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
last-modified: Wed, 22 Dec 2021 18:08:15 GMT
server: Unknown
etag: "5dc4d78f7746f02c7bc3777f5eb6a551"
strict-transport-security: max-age=86400
content-type: image/jpeg
access-control-allow-origin: *
content-length: 26139
expires: Wed, 20 Jul 2022 03:29:54 GMT

GET
H2 404 ssx.mod.js
assets.targetimg1.com/ssx/ 0
0 189ms
122ms Script
text/plain 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AECMFjR-AQAAhggUdc5Uq1I2H4xPHGnEHy94eOfqvC0XodhG72TWirfXhLs0&X-GyJwza5Z--z=q

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/ssx.mod0df9.js?async

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:54 GMT
age: 0
accept-ranges: bytes
clientip: 217.114.218.19
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
x-ssx-hop: 1
content-length: 0

GET
H2 200 index.html Show response
www.168xykai.com/webapp/html/aozxy5/ Frame 30E2 34 KB
8 KB 1138ms
558ms Document
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/aozxy5/index.html

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

84b939d80ed9f3f746372a752072f8f1f277c73e726b52c09341e42425b84b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Jul 2022 17:29:55 GMT
etag: W/"621587ca-891d"
last-modified: Wed, 23 Feb 2022 01:03:06 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET 99ecc614-958b-457a-be15-01e00c53057A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc3b0b231b86320752165cde270fb8d7ecce1f2e40b1fb8a64965c30da33e131

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET 3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 99ecc614-958b-457a-be15-01e00c53057A.woff
assets.targetimg1.com/ui/fonts/ 0
0

GET 3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff
assets.targetimg1.com/ui/fonts/ 0
0

GET 273cae72-9365-49ab-b24f-5d8e2d5e733A.woff
assets.targetimg1.com/ui/fonts/ 0
0

OPTIONS
H2 403 MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ Frame 0
0 222ms
213ms Preflight 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Tue, 19 Jul 2022 17:29:55 GMT
strict-transport-security: max-age=16000000; includeSubDomains;
via: HTTP/1.1 Go-Proxy (Go-Proxy/2.12.3), HTTP/1.1 haproxy (api-platform), 1.1 varnish
x-api-id: cff807298246ac5cd420eb56816d3f5d46f61b1571403e64f6de0665a4800a4b
x-b3-sampled: 0
x-b3-spanid: c3b4c7f40a49aeba
x-b3-traceid: a4097009dc6f88a459db39f0648c5c08
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4052-HHN
x-timer: S1658251795.215845,VS0,VE127

GET 99ecc614-958b-457a-be15-01e00c53057A.woff2
assets.targetimg1.com/ui/fonts/ 0
0

GET 52404
redsky.target.com/v3/stores/nearby/ 0
0

GET
H2 200 vendors~shipt-tip-drawer.4adba80b.js Show response
assets.targetimg1.com/ui/ 48 KB
12 KB 394ms
394ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~shipt-tip-drawer.4adba80b.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

beda50ffb37380e9bc0b802c16c12befd80cc200158460be51dea369d46f1e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:22 GMT
server: UploadServer
age: 0
etag: "a9c9c14ff36b76c9ddb62d721e0be71c"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11689

GET
H2 200 shipt-tip-drawer.eb049671.js Show response
assets.targetimg1.com/ui/ 45 KB
12 KB 400ms
400ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/shipt-tip-drawer.eb049671.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

31b9ee97691d5c575c28a17402684407a2783e32d14b7683769046ab290c6a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:21 GMT
server: UploadServer
age: 0
etag: "a4aad1c7208faf9c8df34dd6249b6eb8"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12665

GET
H2 200 vendors~lazy-footer.71ad5748.js Show response
assets.targetimg1.com/ui/ 73 KB
20 KB 402ms
402ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~lazy-footer.71ad5748.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

78c32fe5f5d69190c29668c1e72dceaf733f582165a1e89f58ff7d66108862ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 01:13:23 GMT
server: UploadServer
age: 0
etag: "97d8d34d4bc250692e56c97280c4c6c9"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20094

GET
H2 200 lazy-footer.e1809ae3.js Show response
assets.targetimg1.com/ui/ 842 B
562 B 391ms
390ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/lazy-footer.e1809ae3.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a6dd77ecea1a7beda91ec84889673721d83a12a946879fc4c4cba442ab2ecf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 17:28:32 GMT
server: UploadServer
age: 0
etag: "3aec0ddbe604ae22b5050cf4a9184da5"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 476

GET
H2 200 crush-redirect-handler.f40ba832.js Show response
assets.targetimg1.com/ui/ 3 KB
1 KB 472ms
472ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/crush-redirect-handler.f40ba832.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

91ace93a65853b38d31565f87bc6c7cb45a675f938b771fc72bdb05804968c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Wed, 08 Dec 2021 23:01:45 GMT
server: UploadServer
age: 0
etag: "a189653da55c87300ea703c71e2378aa"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1418

GET
H/1.1 200
OK 189336-210459012582455.js Show response
js-sec.indexww.com/ht/p/ 109 KB
33 KB 107ms
30ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/189336-210459012582455.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1658f2df4d6ecec829a89fd58160c8c607b0be2b041799df9c06e11fffa7014b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 17:21:52 GMT
Server: Apache
ETag: "da16fb-1b206-5e42bb869cd5a"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3399
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 33120
Expires: Tue, 19 Jul 2022 18:26:34 GMT

GET MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ 0
0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 59ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/vendor.c5fc56c9.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0947539230d06a28da12e2b924b539011bdfbfab8e9c53f7719bb9767eb749a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1277 / 410 of 1000 / last-modified: 1658228785"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 28491
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Tue, 19 Jul 2022 17:29:55 GMT

GET
H2 200 atdfm.72dbf2eb.js Show response
assets.targetimg1.com/ui/ 25 KB
12 KB 436ms
435ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/atdfm.72dbf2eb.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b172da75fa18117aa61bec83dda67860e78a53340456a940eaf3167c0a205a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
last-modified: Thu, 18 Nov 2021 22:14:54 GMT
server: UploadServer
age: 0
etag: "4c13ec0dcb47b5b7f909ede46849f2c6"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11932

GET v1
redoak.target.com/content-publish/pages/ 0
0

GET v2
typeahead.target.com/autocomplete/TypeAheadSearch/ 0
0

GET
H2 200 tp-rules-react.json Show response
taglocker.target.com/tag-locker-config/ 105 B
703 B 160ms
152ms Fetch
application/json 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://taglocker.target.com/tag-locker-config/tp-rules-react.json
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.180 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 16e939f8b7ed5985fd8f6ce1937f481917afc14c52ee75c1546213e52f510a78

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1620226525
age: 2107
x-guploader-uploadid: ADPycdtRAKUL7EEdtdIyfPTD-wu1MGDG9e8lVufzPTByPWr145Gb9bbR-L1-EeGkgZmSYW7yeb0PmNYAFqaz9NXbDpuKXw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 106
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Wed, 05 May 2021 14:55:30 GMT
server: UploadServer
x-timer: S1658251795.274772,VS0,VE1
etag: "451e7f9a4a8d7585a743e0abff41795b"
clientip: 217.114.218.19
vary: Accept-Encoding,Origin
x-goog-hash: crc32c=oRvWIQ==, md5=RR5/mkqNdYWnQ+Cr/0F5Ww==
x-goog-generation: 1620226530739747
access-control-allow-origin: http://heroesneverlose.com
expires: Sun, 17 Jul 2022 04:59:40 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 105
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1

GET
H2 200 rules-react.json Show response
taglocker.target.com/tag-locker-config/ 5 KB
961 B 161ms
153ms Fetch
application/json 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://taglocker.target.com/tag-locker-config/rules-react.json
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.180 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c1aa9f948b6d1336bbcc6970af451432da85643c3136a7c5ebee7ddb61af9c64

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1620226525
age: 2728
x-guploader-uploadid: ADPycdsRJu4MyFrbydeIhBVwIJ5q1IfKFuUVxa_jEHQ1Eq1sJY2-GtQunm55rmtl8dsB0spKIYaRa5te77OkWE4DqKJltL5Ba38m
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 651
via: 1.1 varnish
x-served-by: cache-hhn4052-HHN
last-modified: Wed, 05 May 2021 14:55:30 GMT
server: UploadServer
x-timer: S1658251795.274800,VS0,VE1
etag: "f6a75d588a7a84649133f69c8a1d62aa"
clientip: 217.114.218.19
vary: Accept-Encoding,Origin
x-goog-hash: crc32c=xdwMsQ==, md5=9qddWIp6hGSRM/acih1iqg==
x-goog-generation: 1620226530747805
access-control-allow-origin: http://heroesneverlose.com
expires: Mon, 11 Jul 2022 10:25:26 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 5455
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

https://gum.criteo.com/sync?c=347&r=3&a=1
https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

59 B
377 B

288ms
288ms

Fetch
application/json

2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?s=1&c=347&r=3&a=1

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b4b614943ff651db6f501b9ca03fc94abaf5d5d3f649fbe3eaf5fd4005db7609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4031
strict-transport-security: max-age=31536000; preload;

Redirect headers

date: Tue, 19 Jul 2022 17:29:54 GMT
location: /sync?s=1&c=347&r=3&a=1
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4063
content-length: 152

GET v1
redoak.target.com/content-publish/pages/ 0
0

GET
H/1.1 404
Not Found 02af86f652c55c872fd6.worker.js
heroesneverlose.com/assets/ 548 B
696 B 1174ms
1173ms Other
text/html 23.226.8.98
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to

Full URL: http://heroesneverlose.com/assets/02af86f652c55c872fd6.worker.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 23.226.8.98 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET preferred_stores
api.target.com/location_fulfillment_aggregations/v1/ 0
0

POST client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ 0
0

OPTIONS
H2 403 client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ Frame 0
0 30ms
21ms Preflight 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 217.114.218.19
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Tue, 19 Jul 2022 17:29:55 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 531ms
248ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Tue, 19 Jul 2022 17:29:56 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
400 B 1436ms
1129ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Tue, 19 Jul 2022 17:29:56 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 1379ms
1075ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Tue, 19 Jul 2022 17:29:57 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
401 B 606ms
311ms XHR
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://heroesneverlose.com
Date: Tue, 19 Jul 2022 17:29:56 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ 0
0

OPTIONS
H2 403 client_tokens
gsp.target.com/gsp/oauth_tokens/v2/ Frame 0
0 21ms
21ms Preflight 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 217.114.218.19
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Tue, 19 Jul 2022 17:29:55 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2022071401.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 134ms
57ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 16:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131659
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Jul 2023 16:51:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 41 B
691 B 133ms
57ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=heroesneverlose.com

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0a51a3cbb5360477da05fb14837f3aec71db6b3ae7e6ff842ce6d63a0b038a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 19 Jul 2022 17:29:55 GMT

GET
H2 200 / Show response
staging-ps.ispot.tv/TC-3298-1/ 146 B
430 B 1092ms
22ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staging-ps.ispot.tv/TC-3298-1/
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a3f16f108ac724c7589e24ea3a51b1042d0b910dc3bb22f651a073454061040

Request headers

Accept: application/json
Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: http://heroesneverlose.com
date: Tue, 19 Jul 2022 17:29:56 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 146
retry-after: 0
content-type: application/json

GET identity
api.rlcdn.com/api/ 0
0

GET
H2

200

any Show response
idx.liadm.com/idex/ie/
Redirect Chain

http://idx.liadm.com/idex/ie/any
https://idx.liadm.com/idex/ie/any

54 B
388 B

1308ms
836ms

XHR
application/json

3.218.155.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Server

3.218.155.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-155-137.compute-1.amazonaws.com

Software

Resource Hash

cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
request-time: 1
vary: Origin
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 4af1a46b51f89bbf
content-length: 54

Redirect headers

Date: Tue, 19 Jul 2022 17:29:55 GMT
Location: https://idx.liadm.com/idex/ie/any
Vary: Origin
Access-Control-Allow-Origin: http://heroesneverlose.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: ac8bff5116e9619c
Content-Length: 0

GET rid
match.adsrvr.org/track/ 0
0

POST access_invalidate
gsp.target.com/gsp/oauth_tokens/v2/tokens/ 0
0

OPTIONS
H2 403 access_invalidate
gsp.target.com/gsp/oauth_tokens/v2/tokens/ Frame 0
0 29ms
28ms Preflight 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.target.com https://.targetimg1.com https://.tgtneptune.com https://.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://.target.com https://.targetimg1.com https://cdn.userreplay.net https://.scene7.com 'unsafe-inline'; img-src 'self' data: https://.target.com https://.targetimg1.com https://.scene7.com; frame-src 'self' https://.target.com https://.targetimg1.com https://.scene7.com; frame-ancestors 'self' https://.target.com https://.targetimg1.com https://.scene7.com; connect-src 'self' https://.target.com https://.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://.scene7.com https://.zeronaught.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store
clientgeo: DE
clientip: 217.114.218.19
content-length: 0
content-security-policy: default-src 'self' https://*.target.com https://*.targetimg1.com https://*.tgtneptune.com https://*.scene7.com; style-src 'self' 'unsafe-inline'; script-src 'self' https://*.target.com https://*.targetimg1.com https://cdn.userreplay.net https://*.scene7.com 'unsafe-inline'; img-src 'self' data: https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-src 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; frame-ancestors 'self' https://*.target.com https://*.targetimg1.com https://*.scene7.com; connect-src 'self' https://*.target.com https://*.targetimg1.com https://ur-ikoley.userreplay.net https://cdn.userreplay.net https://*.scene7.com https://*.zeronaught.com;
date: Tue, 19 Jul 2022 17:29:55 GMT
referrer-policy: no-referrer-when-downgrade
retry-after: 0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 GUEST_b3cea7ef-22bf-4cdf-92bb-e100a10ec623
target.scene7.com/is/content/Target/ 545 B
704 B 25ms
23ms Image
image/svg+xml 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_b3cea7ef-22bf-4cdf-92bb-e100a10ec623

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Mon, 16 Aug 2021 07:02:34 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 545
expires: Tue, 19 Jul 2022 19:54:35 GMT

GET
H2 200 GUEST_adf88fa5-9437-443e-8ddd-674dde6c3a82
target.scene7.com/is/content/Target/ 545 B
704 B 34ms
33ms Image
image/svg+xml 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_adf88fa5-9437-443e-8ddd-674dde6c3a82

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Mon, 16 Aug 2021 07:02:34 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 545
expires: Tue, 19 Jul 2022 21:30:39 GMT

GET
H2 200 GUEST_1e7d1a3c-3927-49e3-8ef7-bac2397fb36c
target.scene7.com/is/content/Target/ 946 B
1 KB 40ms
39ms Image
image/svg+xml 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_1e7d1a3c-3927-49e3-8ef7-bac2397fb36c

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

44914fe79fff029aba62ab355d38c487ca9fd57b9e041bd435930b578d772c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Mon, 16 Aug 2021 07:02:43 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 946
expires: Tue, 19 Jul 2022 22:00:58 GMT

GET
H2 200 GUEST_77400a3e-7081-4c52-8feb-7126a78353e1
target.scene7.com/is/content/Target/ 2 KB
2 KB 44ms
43ms Image
image/svg+xml 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_77400a3e-7081-4c52-8feb-7126a78353e1

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

36fb5f6d85fee772ec2776fa91b23eab9185e1bda2bf535d5cd05cd930f24bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Mon, 23 Aug 2021 18:12:49 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1762
expires: Tue, 19 Jul 2022 20:48:52 GMT

GET
H2 200 GUEST_ca8f1d56-9000-4407-be78-2c33be983dab
target.scene7.com/is/content/Target/ 50 KB
51 KB 48ms
47ms Image
image/svg+xml 2a02:26f0:3500:596::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://target.scene7.com/is/content/Target/GUEST_ca8f1d56-9000-4407-be78-2c33be983dab

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:596::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

93c66c5b66764b601d7d5d701a4dd3eba2fa449b3d8a6fb559f66eca70af3f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Mon, 16 Aug 2021 07:03:09 GMT
server: Unknown
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 51602
expires: Tue, 19 Jul 2022 21:45:53 GMT

GET 99ecc614-958b-457a-be15-01e00c53057A.woff
assets.targetimg1.com/ui/fonts/ 0
0

OPTIONS
H2 403 MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ Frame 0
0 140ms
140ms Preflight 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: http://heroesneverlose.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 0
date: Tue, 19 Jul 2022 17:29:55 GMT
strict-transport-security: max-age=16000000; includeSubDomains;
via: HTTP/1.1 Go-Proxy (Go-Proxy/2.12.3), HTTP/1.1 haproxy (api-platform), 1.1 varnish
x-api-id: 850555573ada3b7abdf8149863788e3f42e360a7146b96cef4d3e739459c8aa9
x-b3-sampled: 0
x-b3-spanid: c47c7bbccdce92bf
x-b3-traceid: b2b6ee9baa01af6c0b258966d37e02dc
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4052-HHN
x-timer: S1658251796.697925,VS0,VE119

GET MEDALLIA
api.target.com/guest_global_content/v1/structured_content/ 0
0

GET
H2 200 pk10.css
www.168xykai.com/webapp/css/ Frame 30E2 21 KB
4 KB 280ms
277ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/pk10.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-53fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 common.css
www.168xykai.com/webapp/css/ Frame 30E2 4 KB
1 KB 281ms
277ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/common.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

eb16c5bca8654e4bc4ea5ea9798ab144aa2cc4fac9eb172424065ac0e6827801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-f5c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 public.css
www.168xykai.com/webapp/css/ Frame 30E2 22 KB
5 KB 556ms
552ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/public.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:43:46 GMT
server: nginx
etag: W/"62159152-59ac"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 ssc_index_add.css
www.168xykai.com/webapp/css/ Frame 30E2 21 KB
5 KB 557ms
553ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/ssc_index_add.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

257c2ba09ca5560c8c0a7b2772beb6e040fcda0dee139896a1901bb0080ea725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-55a8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 ssc_newVersion.css
www.168xykai.com/webapp/css/ Frame 30E2 22 KB
4 KB 558ms
554ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/css/ssc_newVersion.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

55d8170581789fd2baf42f160038645f58d3d1af667c0ce888880af5dde1e25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
etag: W/"621587b8-5771"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 jquery-1.9.1.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 91 KB
36 KB 832ms
829ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-16b57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 Sortable.min.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 0
201 B 1383ms
1380ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/Sortable.min.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-0"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 0
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 jquery.async.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 902 B
1 KB 1383ms
1380ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/jquery.async.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-386"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 902
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 drawLines.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 24 KB
9 KB 1383ms
1380ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/drawLines.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-613b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 pk10BaseTrend.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 7 KB
2 KB 1383ms
1381ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/pk10BaseTrend.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1a2d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:55 GMT

GET
H2 200 date.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 8 KB
3 KB 1383ms
1381ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/date.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1edd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 iscroll.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 19 KB
7 KB 1383ms
1381ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/iscroll.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-4db3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 config.js Show response
www.168xykai.com/webapp/js/lib/ Frame 30E2 9 KB
3 KB 1383ms
1382ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/config.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a78ee11327bd03c29b067ce5302c92e172971221bf34d152414c2a9fdda9a3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 23:59:20 GMT
server: nginx
etag: W/"62196d58-22c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 tools.js Show response
www.168xykai.com/webapp/js/local/tools/ Frame 30E2 100 KB
17 KB 1384ms
1383ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/tools/tools.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9799dd932883288a3c6e2d4dba933ba58903621a0ca026a1b935d6c1d282d89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 12:27:02 GMT
server: nginx
etag: W/"623b1216-18fe7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 head_aozxy5.js Show response
www.168xykai.com/webapp/js/local/ssc/ Frame 30E2 338 B
551 B 1385ms
1383ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/ssc/head_aozxy5.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
last-modified: Wed, 10 Feb 2021 10:25:42 GMT
server: nginx
etag: "6023b4a6-152"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 338
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 index.js Show response
www.168xykai.com/webapp/js/local/ssc/ Frame 30E2 79 KB
17 KB 1385ms
1383ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/local/ssc/index.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
last-modified: Fri, 07 Jan 2022 06:15:08 GMT
server: nginx
etag: W/"61d7da6c-13afa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 405ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=heroesneverlose.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 430ms
122ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=heroesneverlose.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
13 KB 141ms
141ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1607897225399853&correlator=3520548828628665&eid=31068502%2C42531605&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=7079046%2Ctgt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C1200x75%7C1200x100%7C1000x75%7C1000x100%2C320x50%7C1000x450%7C1200x450&fluid=height%2Cheight&ifi=1&adks=4090763119%2C2485956694&sfv=1-0-38&ecs=20220719&fsapi=false&prev_scp=adp%3D1%26as%3Dhomeclpu%26au%3D%252F7079046%252Ftgt%252Fhomepage%26pflag%3Dno%26pos%3Dclpu%26pt%3Dhome%26storeId%3D3909%7Cadp%3D1%26as%3Dhomemega%26au%3D%252F7079046%252Ftgt%252Fhomepage%26pflag%3Dno%26pos%3Dmega%26pt%3Dhome%26storeId%3D3909&cust_params=n_cat%3Dhomepage%26s_t%3D%26cat%3D%26fly%3D018217825A130101778E86F3597CE6D3%26item%3D%26pt%3Dhome&sc=0&cookie_enabled=1&abxe=1&dt=1658251795755&lmt=1641630316&dlt=1658251793054&idt=2648&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fheroesneverlose.com%2F&frm=20&vis=1&psz=0x0%7C0x0&msz=0x0%7C0x0&fws=132%2C132&ohw=1600%2C1600&ga_vid=1516262892.1658251796&ga_sid=1658251796&ga_hid=179949165&ga_fc=false

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d2be16ddb2a23c011b72e06cbce8ab63a0ab8c9a2b9423df1ca266620a244055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12447
x-xss-protection: 0
google-lineitem-id: 5936703507,6010522780
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383093207,138391137854
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://heroesneverlose.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28DF 6 KB
4 KB 145ms
59ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 17:29:55 GMT
expires: Wed, 19 Jul 2023 17:29:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
580 B 340ms
44ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=557845&u=http%3A%2F%2Fheroesneverlose.com%2F&v=3
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://heroesneverlose.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 17:29:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zw%2BqXGbXrt68p6SOyE5KOKtSI2F1MztuzHpZ%2BgI0ADawU443RJ2NZ9r%2FtJFy0xgxuwmDa9ARC4TtOptkpcigIFK1K6MJtjpA0fGv%2FMFbciMU%2FUPcq8J8ToxhQZSxkW%2B2DYPwRmOMyg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: http://heroesneverlose.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 72d52e9dea646922-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 container.html Show response
e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0854 6 KB
3 KB 100ms
31ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 17:29:55 GMT
expires: Wed, 19 Jul 2023 17:29:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF12 6 KB
3 KB 87ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://heroesneverlose.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 17:29:55 GMT
expires: Wed, 19 Jul 2023 17:29:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CF12 22 KB
7 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 11:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Jul 2023 11:14:03 GMT

GET
H2 200 3234789754001132262
tpc.googlesyndication.com/simgad/ Frame CF12 194 KB
194 KB 118ms
57ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3234789754001132262?

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a0045771816aa3476aaabf643498bcf8f33abf2e3009a4fbe9cd2c1294d416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 07:28:22 GMT
x-content-type-options: nosniff
age: 208894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198587
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:16:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Jul 2023 07:28:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF12 137 KB
43 KB 96ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame CF12 8 KB
4 KB 355ms
25ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&cmp=DV503696&ctx=21728514&sadv=24321326&ord=2948394446&litm=6010522780&scrt=138391137854&splc=/7079046/tgt/homepage&adu=107197886&unit=0x0&dvp_qtpid=&dvp_qtsid=&btreg=6010522780138391137854&btadsrv=6010522780138391137854&spos=mega&c1=home&c2=&c3=homemega&c4=
Requested by: Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a42b9801e4571ef971f9e6490c5d46d894e1ea433654ab003dcc0c2ab44e86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 15:02:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0326086809bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3301

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0854 22 KB
7 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 11:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Jul 2023 11:14:03 GMT

GET
H2 200 3308328512682953765
tpc.googlesyndication.com/simgad/ Frame 0854 45 KB
45 KB 74ms
27ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3308328512682953765?

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6cd83ff88a9b93e661d3e4ddbd7a2b5561087bc1fd4a90792a6ad1846f4fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 06:31:06 GMT
x-content-type-options: nosniff
age: 471530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45856
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 13:48:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jul 2023 06:31:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0854 137 KB
42 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0854 8 KB
4 KB 364ms
22ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?t2te=0&seltag=1&adsrv=104&cmp=DV503696&ctx=21728514&sadv=24321326&ord=2948394446&litm=5936703507&scrt=138383093207&splc=/7079046/tgt/homepage&adu=107197886&unit=0x0&dvp_qtpid=&dvp_qtsid=&btreg=5936703507138383093207&btadsrv=5936703507138383093207&spos=clpu&c1=home&c2=&c3=homeclpu&c4=
Requested by: Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a42b9801e4571ef971f9e6490c5d46d894e1ea433654ab003dcc0c2ab44e86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 15:02:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0326086809bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3301

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF12 0
0 57ms
57ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBUnxfq1IhOay_AAyHspOw0NboxHJVzhqIAhL1AsmXYYesjBu_NJVKn-Y4J4YoWg7Ntgo76L6Z_YPMzgzaIF6M5wCt7NabdQiTfLRJGjzvLdY-UeWW6NOzQD4hv6T4Noos3mPXgZ8gmnyQUZSWWIvqbpbhrN8okUTrvpQLBFaLOnq6A43_RhlOuF691mpZXt-TAqdrSKpu7yJwFjvMys_frSJ7D-AmgNip7g-oc4HfJhsNEYLbGWN4WkKi0HNGS_xU8k7-NX71dsLjAaMiRaZQg4H5LApt4sz732WJEjjX0TjVLDWxc4YiMadEdJbiqccjl12l_kyq&sai=AMfl-YQwbpzKcbxGXW0iNRFaJ-nd1c4OXUY9Oy0Ss_EIjV1Crlw6rw1SHQ-ljShVIOgEk5Uj-KVw5MDvYwv7WzjhRVyq72kluUh9edhE-2px9YYe5vXMrd5u03YsKGgk-5Q&sig=Cg0ArKJSzGYkkUFsOO73EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0854 0
0 60ms
60ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstu5t5TXYRz5Odl4C9XCSnvZZ_TKpDkhFVfeahegBN1kDJPDDYyVoRzcKBXE7V0ZlfJWLjfIfD22HRzjb_23RW5XcIdDpLncsWqKYNMd83TBMtn564hPpkmmvF36eYLDWgIN0y8bvYAhD3-S4zB27wtlnqci5Z95wKJc2ffTdjOjsHp0X_Yy0Jlu53Hm3EO1BCrEpINw-z8GjeTghpK1VNDqPatpZWa7swlWf10rmsy36T9I2oLmGqAXjBl4njHTS3PiJW19Bc8qKWJQ7T7nPaob6_QBqolLgR_sxKWiLzsiPkYNWcyHS6MkM4RCL5APgWZw0uKhRVV&sai=AMfl-YToDGjkLlSriVUkGSqxZvFjzPtyBsqgWSBw3MyL7_LrX6BsW3v47VEWJVYYMyA5tytgN8wwwWTEjB0-FI9aCPGhKbUSLwJPKlAKEUzBtEwfqH04ykim9JrcTOD9UEs&sig=Cg0ArKJSzNDrZWaTSfK_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF12 0
0 365ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhzjBTgbwIljfQ_WwJyZ4JIPyLpSKi8GVx0f8dxQqsDQeAVmiyVR5QB0aVu_P_uqChKLMQulzCyHYq68PQDYQKmstMeNO4_B39rTScAS9DEEEr_gpf9KOJvb5tEpFNT2wXaMHypI50qi03EoniuJ8UYwRLY7wQuVDmoVdBrcq91g5mXnhjc6fMSjqH2yLhz0kd1p_LriLw9SfJUkXVu8fJd4MqJfHYUXOwQssmdPw2PCgWB9pijQtysp5FIB8NkB9nDR8aXqeFrBqVYIAFmF755RzYy7RZy2VGQ55dr4y2OICeHblxjdWONLlaVRcM9PiqEZIh_J1kAg0&sai=AMfl-YQEBdFy1IdZYVmakLZofIk62a7mKoSI7CV3ABl3gIZgljx7Dh8fcXEEPoAWfzy59SJXQqjrhOD0sp2NmzgQBsr_cTFHIA9ibLO1CeurH0xcKIFaF7sT3bKK_hfuSpc&sig=Cg0ArKJSzAehySG2iPy6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0854 0
0 368ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEvDPhasveRQAFwqOEGaPkhtgp-jhbdpmmkNv29bnRlsILKB_chwkzfL-c4OwA38G0IGVAvgzLLJrhKpGE4jaLP8fItgAr1DQhKWuKf1EXliLMFyXvqqtKDsTzB9EXEEibrYwK__VkD6B3cLA2t8VrikvPoC-MtzEckmqDFGPcZgKs3-ecF85UpvuzVy7Eo8Cb4i3OfZo-AN_brtyM8CO2gTVA3UlcH3-MLvFgdqA6pOzi1ELrwIbUdu-k-RycUJanWJ5KrJckYPLgMMHiGGzGgWej-qDQyA3F01oioYnIzR42mo-Bj2r1RVnCe839tSpVHOpym2Kq4ic&sai=AMfl-YSLzhcn107SFA_batHLy4j51NWdkEt8Qsx8VbQJUcMaF7SidEgBb_OCTIQf1x8xRqs0aiimJviMOHOj9u6b4vpaT_yh0AgNBtW4l_wAHCLKK_WsAVytyw_aS5gVUVk&sig=Cg0ArKJSzNpeoiMeAh8OEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 17:29:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 19 Jul 2022 17:29:56 GMT

GET
H/1.1 200
OK dv-measurements2916.js Show response
cdn.doubleverify.com/ Frame F1DB 558 KB
107 KB 22ms
21ms Script
application/javascript 23.35.229.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2916.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-201.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 37e5a95d2df1bf01d9d068cb68a27708d9bd318034d0ef120304fdb2927e503b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 11:56:46 GMT
Server: Microsoft-IIS/10.0
ETag: "053c39e669bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109162

GET
H/1.1 200
OK dv-measurements2916.js Show response
cdn.doubleverify.com/ Frame D5AC 558 KB
107 KB 27ms
27ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2916.js
Requested by: Host: heroesneverlose.com
URL: http://heroesneverlose.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 37e5a95d2df1bf01d9d068cb68a27708d9bd318034d0ef120304fdb2927e503b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 17:29:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jul 2022 11:56:46 GMT
Server: Microsoft-IIS/10.0
ETag: "053c39e669bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109162

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame F1DB 1 KB
904 B 233ms
43ms Script
text/javascript 213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=93&ttfrms=38&brid=3&brver=103.0.5060.53&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETar9EEADTbpTauTau6h4ah6%60fc4fg_45e4ch%605%60_heb67e%60af%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=100&ddur=356&uid=1658251796521389&jsCallback=dvCallback_1658251796521169&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2916&tgjsver=2916&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fe9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=5&brh=2&sdf=2&dvp_epl=237&noc=4&nav_pltfrm=Win32&ctx=21728514&cmp=DV503696&btreg=6010522780138391137854&btadsrv=6010522780138391137854&adsrv=104&unit=0x0&seltag=1&sadv=24321326&ord=2948394446&litm=6010522780&scrt=138391137854&splc=/7079046/tgt/homepage&adu=107197886&spos=mega&c1=home&c3=homemega&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1316563202.245414&dvp_tukv=3431215901.7900624&dvp_uuid=13769619.966364816&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=487831691974
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2916.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 098073defdeabac9f281ed75ea3c963653505381c83280f99e27e201fe559ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:55 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 07/18/2022 17:29:56

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame D5AC 1 KB
906 B 96ms
36ms Script
text/javascript 213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=277&ttfrms=10&brid=3&brver=103.0.5060.53&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau96C%406D%3F6G6C%3D%40D6%5D4%40%3ETar9EEADTbpTauTau6h4ah6%60fc4fg_45e4ch%605%60_heb67e%60af%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=118&ddur=365&uid=1658251796702359&jsCallback=dvCallback_1658251796702599&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2916&tgjsver=2916&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fe9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=5&brh=2&sdf=2&dvp_epl=237&noc=4&nav_pltfrm=Win32&ctx=21728514&cmp=DV503696&btreg=5936703507138383093207&btadsrv=5936703507138383093207&adsrv=104&unit=0x0&seltag=1&sadv=24321326&ord=2948394446&litm=5936703507&scrt=138383093207&splc=/7079046/tgt/homepage&adu=107197886&spos=clpu&c1=home&c3=homeclpu&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&t2te=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=33886315.10629627&dvp_tukv=2647919211.265035&dvp_uuid=552624463161.4427&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1258194737452
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2916.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 846854331e841e72dc1b0fab70419ef0f5f3c1d4d8cfa676ae02a303aa6224f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:56 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 07/18/2022 17:29:56

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame F1DB
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=7d512051528e449cb82e18d40150d502&cbust=1658251796853558
https://tpsc-frc.doubleverify.com/event.png?impid=7d512051528e449cb82e18d40150d502&akipv6=2001:1b60:2:240:3247::6

0
138 B

76ms
24ms

Image
text/plain

213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=7d512051528e449cb82e18d40150d502&akipv6=2001:1b60:2:240:3247::6
Requested by: Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:56 GMT
Cache-Control: max-age=0
Expires: 07/18/2022 17:29:56

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=7d512051528e449cb82e18d40150d502&akipv6=2001:1b60:2:240:3247::6
Date: Tue, 19 Jul 2022 17:29:56 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame D5AC
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=a14958d432014688bfdac23388f277cc&cbust=1658251796858915
https://tpsc-frc.doubleverify.com/event.png?impid=a14958d432014688bfdac23388f277cc&akipv6=

0
138 B

98ms
23ms

Image
text/plain

213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a14958d432014688bfdac23388f277cc&akipv6=
Requested by: Host: e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
URL: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:56 GMT
Cache-Control: max-age=0
Expires: 07/18/2022 17:29:56

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=a14958d432014688bfdac23388f277cc&akipv6=
Date: Tue, 19 Jul 2022 17:29:56 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 azxy5_index.html Show response
www.168xykai.com/webapp/js/lib/video/SSC/ Frame B38E 5 KB
1 KB 811ms
810ms Document
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/html/aozxy5/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a68414d4126341df887b34672dad89ae3657328127e341736328f0124eabf8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Jul 2022 17:29:57 GMT
etag: W/"621587b8-1302"
last-modified: Wed, 23 Feb 2022 01:02:48 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 haomaimg.png
www.168xykai.com/webapp/img/ Frame 30E2 128 KB
0 1084ms
1082ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/haomaimg.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/public.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/public.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-2c891"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 182417
expires: Thu, 18 Aug 2022 17:29:57 GMT

GET
H2 200 px10obj.png
www.168xykai.com/webapp/img/cltj_img/ Frame 30E2 3 KB
3 KB 2188ms
2187ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/cltj_img/px10obj.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/pk10.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/pk10.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-b3a"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2874
expires: Thu, 18 Aug 2022 17:29:57 GMT

GET
H2 200 icon-168index.png
www.168xykai.com/webapp/img/cltj_img/ Frame 30E2 0
0 2189ms
2188ms Image
image/png 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/img/cltj_img/icon-168index.png

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/css/ssc_newVersion.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/css/ssc_newVersion.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-7031"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28721
expires: Thu, 18 Aug 2022 17:29:57 GMT

GET
H2 200 getNoAdvertisingDomain.do Show response
api.api68.com/parameters/ Frame 30E2 698 B
822 B 357ms
283ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/parameters/getNoAdvertisingDomain.do
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa12cc36090af70707717a1453c986e1f453196f2d56ffe841a4a07ff2fa1c4

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAZjUhXjf%2Bd27DNPXP3Y4gIt8uiiWs%2B5QX%2FfaC7m1A43tBDXtVHik7NWeQgPNG3Q%2Bs79FEbitRQkdXOmwxH2w0PV99e1G2h1klUiKVW7T1KO%2B%2Bu3yT9Tg%2BPEJrLUh%2Fzp"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 72d52ea60e8c91ff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 head.html Show response
www.168xykai.com/webapp/html/public/ Frame 30E2 1 KB
809 B 1657ms
1656ms XHR
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/public/head.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

dd52e302a990d06a8fc622322474888af94376f4ca6c245503a580de99e7d328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 20:21:08 GMT
server: nginx
etag: W/"62193a34-50a"
vary: Accept-Encoding
content-type: text/html
strict-transport-security: max-age=31536000

GET
H2 200 footer.html Show response
www.168xykai.com/webapp/html/public/ Frame 30E2 193 B
345 B 1658ms
1658ms XHR
text/html 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/html/public/footer.html

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

310decd547d1d8e6b28dd54d81215476ed3d42373a3cced655a076eae80fc2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.168xykai.com/webapp/html/aozxy5/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:57 GMT
last-modified: Wed, 23 Mar 2022 13:46:46 GMT
server: nginx
etag: "623b24c6-c1"
strict-transport-security: max-age=31536000
content-type: text/html
accept-ranges: bytes
content-length: 193

GET
H2 200 style.css
www.168xykai.com/webapp/js/lib/video/SSC/css/ Frame B38E 10 KB
2 KB 1947ms
1947ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/css/style.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b2bdceccb2ac9fa71b5b159abea0b97cfbb05e8094d26bd6c88bf995fa559dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-28b6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:58 GMT

GET
H2 200 animateTool.css
www.168xykai.com/webapp/js/lib/video/SSC/css/ Frame B38E 14 KB
2 KB 1948ms
1947ms Stylesheet
text/css 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/css/animateTool.css

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ef3b65f6b8dbb36ca310c2bc5f03f8ca3b1eb3ae8a005fdef82c00c37e0a71e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-3893"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:58 GMT

GET
H2 200 bodybg.jpg
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0 1934ms
1933ms Image
image/jpeg 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/bodybg.jpg

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: "6023b4a4-2f502"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 193794
expires: Thu, 18 Aug 2022 17:29:58 GMT

GET
H2 200 jquery-1.9.1.js
www.168xykai.com/webapp/js/lib/video/SSC/js/ Frame B38E 14 KB
0 1933ms
1933ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/js/jquery-1.9.1.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-16b57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:58 GMT

GET
H2 200 victor1.0.js
www.168xykai.com/webapp/js/lib/video/SSC/js/ Frame B38E 0
0 1933ms
1933ms Script
application/javascript 35.215.138.177
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.168xykai.com/webapp/js/lib/video/SSC/js/victor1.0.js

Requested by

Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.215.138.177 Central, Hong Kong, ASN15169 (GOOGLE, US),

Reverse DNS

177.138.215.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.168xykai.com/webapp/js/lib/video/SSC/azxy5_index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 10:25:40 GMT
server: nginx
etag: W/"6023b4a4-1824"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Wed, 20 Jul 2022 05:29:58 GMT

GET
H3 200 getBaseCQShiCai.do Show response
api.api68.com/CQShiCai/ Frame 30E2 954 B
1022 B 541ms
511ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getBaseCQShiCai.do?issue=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64016ee579307d5cce6e3d75e5454eb8b07262eddf25674ca49f47bca5f4f887

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GYD2ELr4bO9H8NN%2B8d3rgbNt96b%2FjSeRRVV7%2Fws2qD08A21RNSsJve53eEYgv9uT3O9E6WUwjg8hE%2BBc8OB0zELJMO2lCSmJEcRZ%2FbIOjQIWiMUu%2B1%2B%2FuiJngPMjugC"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 72d52ea94ff9bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 getBaseCQShiCaiList.do Show response
api.api68.com/CQShiCai/ Frame 30E2 7 KB
1 KB 529ms
499ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getBaseCQShiCaiList.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfbf68ea8302a4a678b3315c8a751fc58e9f6f59271b01dbc39f0cc7ac7027c

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eja2NBUdc6w%2BU6xVCLIaDre889iFCUztvVfhFLW6PrFyh2EqmyE7YnfJAQMDCPkv%2FtdsYjR5%2BvExySY%2BxLy36rapWJrGaMZNL8BgMj8906epR%2F0X0kr7ellm2R4Q89tI"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 72d52ea94ffcbb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors~aisles-products-container~bia-carousel~choose-options-content~custom-plp~deal-details-contai~977bdf03.027dae72.js Show response
assets.targetimg1.com/ui/ 22 KB
3 KB 27ms
26ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/vendors~aisles-products-container~bia-carousel~choose-options-content~custom-plp~deal-details-contai~977bdf03.027dae72.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ef5f1815c9e6c51df20644d8ec8df92a15136db6292345aa1984e3cf0382005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: br
last-modified: Wed, 08 Dec 2021 23:01:44 GMT
server: UploadServer
age: 1268691
etag: "ce86f49afb678dba3c14eeadff40968d"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3351

GET
H2 200 product-grid.127ab4f0.js Show response
assets.targetimg1.com/ui/ 916 KB
165 KB 433ms
433ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/product-grid.127ab4f0.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1aed9325345db549cfa775f5991cbd99ff99ff9716aa1e22ff008b2f66136325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:58 GMT
content-encoding: br
last-modified: Mon, 03 Jan 2022 08:19:22 GMT
server: UploadServer
age: 0
etag: "f62aeb3c29fa46ae7168d6f3c79b6e37"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 169090

GET
H3 200 queryDoubleNumber.do Show response
api.api68.com/CQShiCai/ Frame 30E2 625 B
838 B 283ms
283ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/queryDoubleNumber.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4851baef383137363fc0fca169de6d690793ec480cd6b70fe370eba36fda70f

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:29:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGIDBojddTAfTh0Fy1zC6WDoZCcwGZhhrLhZGsRzR%2FWaylxjJAaYQ%2Bn3CX%2FV5OBKucnAOtQh5GFdSjyglHn3cZZ2X6erkooONodVAY8tY2xtR%2BaJRBOJY%2BDFZ3Dlet3y"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 72d52eaf795dbb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pdp.5f90b300.js Show response
assets.targetimg1.com/ui/ 1 MB
196 KB 391ms
391ms Script
application/javascript 151.101.130.180
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.targetimg1.com/ui/pdp.5f90b300.js

Requested by

Host: heroesneverlose.com
URL: http://heroesneverlose.com/images/client.b33bca79.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.180 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

985e168d77e2d6aeae05b7e7de106a6326882657d7741f8d5e38fdedec5fa805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://heroesneverlose.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

clientgeo: DE
date: Tue, 19 Jul 2022 17:29:59 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 17:30:37 GMT
server: UploadServer
age: 0
etag: "29a5ddbaf0c5af25259d1abdfd9756ce"
clientip: 217.114.218.19
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 200158

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame F1DB 0
210 B 25ms
24ms Ping
text/plain 213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=7d512051528e449cb82e18d40150d502&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=237&eoid=12&msrjs=2916&sdf=2&vit=2&isvelg=1&rmi=16&tltms=356&tetms=9&msltms=69&vltms=237&sei=289&vetms=91&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=264&msrcannum=2&ismms=50&isumms=50&nvr=2&isgmmims=50&isgmv4mims=50&elmtp=4&isbxdms=3052&b0=3109&dvp_vsosnmr=3&lftb=3109&sftb=3109&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=49&dvp_dpr=1&dvp_itg=HEAD:1,META:1,TITLE:1,SCRIPT:9,STYLE:2,BODY:1,SPAN:1,DIV:5,A:1,PICTURE:1,SOURCE:2,IMG:1,IFRAME:15,&ttfurm=3364&cbust=1658251799852524
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2916.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/18/2022 17:29:59

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame D5AC 0
210 B 25ms
24ms Ping
text/plain 213.254.244.106
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=a14958d432014688bfdac23388f277cc&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=97&eoid=12&msrjs=2916&sdf=2&vit=2&isvelg=1&rmi=16&tltms=365&tetms=9&msltms=71&vltms=97&sei=289&vetms=58&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=264&msrcannum=2&ismms=14&isumms=14&nvr=2&isgmmims=14&isgmv4mims=14&elmtp=4&isbxdms=3015&b0=3188&dvp_vsosnmr=3&lftb=3188&sftb=3188&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=14&dvp_dpr=1&dvp_itg=HEAD:1,META:1,TITLE:1,SCRIPT:9,STYLE:2,BODY:1,SPAN:1,DIV:5,A:1,PICTURE:1,SOURCE:3,IMG:1,IFRAME:15,&ttfurm=3164&cbust=1658251799858640
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2916.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.106 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 19 Jul 2022 17:29:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/18/2022 17:29:59

GET azxy5_logo.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET afterbg.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET big.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET small.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET before.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET 2.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame B38E 0
0

GET 1.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame B38E 0
0

GET 0.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame B38E 0
0

GET 9.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame B38E 0
0

GET 6.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/ Frame B38E 0
0

GET single.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET double.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET trybtn.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET vulebtn.png
www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/ Frame B38E 0
0

GET
H3 200 getShiCaiDailyDragonCount.do Show response
api.api68.com/CQShiCai/ Frame 30E2 289 B
671 B 270ms
270ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.api68.com/CQShiCai/getShiCaiDailyDragonCount.do?date=&lotCode=10010
Requested by: Host: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/jquery-1.9.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6fd56ceccd26b8f12467cc6c7ac1e02c40b08cf9a7093ae211b5fda20ebf93

Request headers

Accept: */*
Referer: https://www.168xykai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 17:30:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isLtHfSsdJ0MwgvR5qmVjsziolzrHc0u%2BVS5UdRxY4qdVnFgFkZ2AXLDSu9YmM%2BpoG6J3uKG3UiMpsdWwKgy9Pxa0S7axV7WhhUc%2B1urg3S7zW38utuQToUXaYSnD59Q"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.168xykai.com
access-control-expose-headers: Set-Cookie
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
cf-ray: 72d52eb5aa80bb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET bg_icon.png
www.168xykai.com/webapp/img/ Frame 30E2 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2

Domain: redsky.target.com
URL: https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile

Domain: api.target.com
URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Domain: redoak.target.com
URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav

Domain: typeahead.target.com
URL: https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=018217825A130101778E86F3597CE6D3

Domain: redoak.target.com
URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav

Domain: api.target.com
URL: https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens

Domain: api.rlcdn.com
URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336

Domain: gsp.target.com
URL: https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false

Domain: assets.targetimg1.com
URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff

Domain: api.target.com
URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/azxy5_logo.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/afterbg.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/big.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/small.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/before.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/2.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/1.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/0.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/9.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/num/6.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/single.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/double.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/trybtn.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/js/lib/video/SSC/img/cqssc/vulebtn.png

Domain: www.168xykai.com
URL: https://www.168xykai.com/webapp/img/bg_icon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Target (Retail)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-20 13:59:07	Name: uid Value: eecaf5f8-0513-4db4-8311-1b41b1708d38
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51uvsct__JWt5y7kp2GoqVv83 Value: 1
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vcke__JWt5y7kp2GoqVv83 Value: 82554e33-3d6e-5005-b21f-c9386db93bba
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vuft__JWt5y7kp2GoqVv83 Value: 1658251795397
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWu0PIT6g30HpM4D Value: %7B%22sid%22%3A%20%2292af4002-cb0b-5061-9673-a9acc2626b5a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201658253595404%2C%20%22ct%22%3A%201658251795404%7D
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51uvsct__JWu0PIT6g30HpM4D Value: 1
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vcke__JWu0PIT6g30HpM4D Value: 494e8782-95c1-5b63-a5df-c4fd6215f7f2
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vuft__JWu0PIT6g30HpM4D Value: 1658251795406
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWt5y7kp2GoqVv83 Value: %7B%22sid%22%3A%20%2258d73374-c84e-539c-a0a8-64735c07bf2c%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2022%2C%20%22dr%22%3A%2022%2C%20%22expires%22%3A%201658253595416%2C%20%22ct%22%3A%201658251795416%7D
heroesneverlose.com/	1969-12-31 23:59:59	Name: __vtins__JWtzv9REIOATXrd1 Value: %7B%22sid%22%3A%20%22fb6cf59c-b6ea-507d-b7a1-ffa6409458ed%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201658253595426%2C%20%22ct%22%3A%201658251795426%7D
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51uvsct__JWtzv9REIOATXrd1 Value: 1
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vcke__JWtzv9REIOATXrd1 Value: 6e107ef2-3ea5-53a7-9163-52fbe6c5c618
heroesneverlose.com/	1978-01-11 21:31:40	Name: __51vuft__JWtzv9REIOATXrd1 Value: 1658251795430
.heroesneverlose.com/	1970-01-20 13:59:07	Name: __gads Value: ID=59fcf7f7caab6e74-221e54cfd3cd007c:T=1658251795:S=ALNI_MaW8YVxoUTujOHmmSHwF1CwqSG4Qw
.doubleclick.net/	1970-01-20 13:59:07	Name: IDE Value: AHWqTUmKFUQSUzWAwA6WPZgRwdK-ti94iTnRAmGchjq8S75dZ1RwA121gHL7RbsJrBo
.ispot.tv/	1970-01-20 22:08:43	Name: pt Value: v2:493ce56a8163162ecca3defd517cce8ab57c913df2bfd9130b1ed70bca9d5ffe\|8c40e2b6161c4c8a552c377a805715ffd14e15be853f9bffd94423ec26898925
.liadm.com/	1970-01-20 22:08:43	Name: lidid Value: 00f7a928-c5f1-40cc-9bce-9b85dc2a8f13

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://assets.targetimg1.com/ssx/ssx.mod.js?seed=AECMFjR-AQAAhggUdc5Uq1I2H4xPHGnEHy94eOfqvC0XodhG72TWirfXhLs0&X-GyJwza5Z--z=q Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/3420ab8a-6ccf-4c75-9da7-efe26f1cedAA.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/273cae72-9365-49ab-b24f-5d8e2d5e733A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redsky.target.com/v3/stores/nearby/52404?key=ff457966e64d5e877fdbad070f276d18ecec4a01&limit=1&within=100&unit=mile Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://redoak.target.com/content-publish/pages/v1?url=/c/-/-/N-4nav Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=018217825A130101778E86F3597CE6D3' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://typeahead.target.com/autocomplete/TypeAheadSearch/v2?q=&ctgryVal=0%7CALL%7Cmatchallpartial%7Call+categories&channel=web&visitor_id=018217825A130101778E86F3597CE6D3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.target.com/location_fulfillment_aggregations/v1/preferred_stores?zipcode=52404&key=ff457966e64d5e877fdbad070f276d18ecec4a01 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/client_tokens Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gsp.target.com/gsp/oauth_tokens/v2/tokens/access_invalidate?preserve_refresh_token=false Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'http://api.rlcdn.com/api/identity?pid=2&rt=envelope' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189336 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to font at 'https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://assets.targetimg1.com/ui/fonts/99ecc614-958b-457a-be15-01e00c53057A.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://heroesneverlose.com/ Message: Access to fetch at 'https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA' from origin 'http://heroesneverlose.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.target.com/guest_global_content/v1/structured_content/MEDALLIA Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://heroesneverlose.com/assets/02af86f652c55c872fd6.worker.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.api68.com
api.rlcdn.com
api.target.com
as-sec.casalemedia.com
assets.targetimg1.com
bd51static.com
cdn.doubleverify.com
collect-v6.51.la
e9c29e174c780cd6c491d10963ef6127.safeframe.googlesyndication.com
gsp.target.com
gum.criteo.com
heroesneverlose.com
idx.liadm.com
js-sec.indexww.com
match.adsrvr.org
redoak.target.com
redsky.target.com
sdk.51.la
securepubads.g.doubleclick.net
staging-ps.ispot.tv
taglocker.target.com
target.scene7.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
typeahead.target.com
www.168xykai.com
www.googletagservices.com
api.rlcdn.com
api.target.com
assets.targetimg1.com
gsp.target.com
match.adsrvr.org
redoak.target.com
redsky.target.com
typeahead.target.com
www.168xykai.com
104.18.18.126
142.250.186.66
151.101.130.180
151.101.2.132
183.131.207.66
188.114.96.3
213.254.244.106
23.226.8.98
23.35.229.201
23.35.236.247
2606:4700:3037::ac43:c2db
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a02:2638:1::13
2a02:26f0:3500:58b::4469
2a02:26f0:3500:596::9b6
3.218.155.137
35.215.138.177
47.253.50.2
01a93dfbac49ab4011cc775caeaacb982c7c4d99fd58881a5ca39e5f3666c5cb
01f555cd17b43727b8cc4cd18dedd0e733f66e5dddee1a28b002f6cf694e8836
03b314f0ccde18fc10dee3b6359c0fd3cba040c776d9c9a2adc95b74531566d5
046792693897976abb56b2c35ff75cb9d23967689c13490f197c7283280d00d2
098073defdeabac9f281ed75ea3c963653505381c83280f99e27e201fe559ab2
0a51a3cbb5360477da05fb14837f3aec71db6b3ae7e6ff842ce6d63a0b038a31
0a81ea919d1a25e409516fd6518af325fde9d7718e6dc84c38fb696c607ef0d6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf298905a6876b2243e3e4c09127a089c1728d910bf171ac8bf1c5d4b954df8
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
124aeafaabb57da5126971cd6c763b317cde9003ff1690e447a494952f156139
1658f2df4d6ecec829a89fd58160c8c607b0be2b041799df9c06e11fffa7014b
16a0045771816aa3476aaabf643498bcf8f33abf2e3009a4fbe9cd2c1294d416
16e939f8b7ed5985fd8f6ce1937f481917afc14c52ee75c1546213e52f510a78
1a0a0635fb1e006c86a6829a8819d9f16c5d092bed071dd1b1936dc93ded8b7d
1a3f16f108ac724c7589e24ea3a51b1042d0b910dc3bb22f651a073454061040
1a42b9801e4571ef971f9e6490c5d46d894e1ea433654ab003dcc0c2ab44e86e
1aed9325345db549cfa775f5991cbd99ff99ff9716aa1e22ff008b2f66136325
257c2ba09ca5560c8c0a7b2772beb6e040fcda0dee139896a1901bb0080ea725
2dd509be95d1bc89631a970c86f557f2c482ec5c42a8c3ec815b57dbd9358bea
310decd547d1d8e6b28dd54d81215476ed3d42373a3cced655a076eae80fc2b5
31b9ee97691d5c575c28a17402684407a2783e32d14b7683769046ab290c6a60
36fb5f6d85fee772ec2776fa91b23eab9185e1bda2bf535d5cd05cd930f24bdd
37e5a95d2df1bf01d9d068cb68a27708d9bd318034d0ef120304fdb2927e503b
39132c14b5a679cded4d3716ce574c2fd7f7dfe195567b667f6a7ca8e09d7f98
3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c
3e7c94d6bc1fa1836b7656846998a9924de3741de5c9980fc08087a28020915c
441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e
44914fe79fff029aba62ab355d38c487ca9fd57b9e041bd435930b578d772c21
478d0bbd46898117c0c6c969a2b02f15892f485fdf1189e615596593231b6523
4e282ece85fdead2331e1d46c6ae38d8c3a82efa65496425b75de473ff1ae310
5256fc07502ba8b4af3949b231c9bece358850eb090c6c547e187ef423527f78
54c871fcad054977c3ae7fa603a999d734dd3260d04cdbc2b997366e5c9a9410
55d8170581789fd2baf42f160038645f58d3d1af667c0ce888880af5dde1e25e
5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e
5ef5f1815c9e6c51df20644d8ec8df92a15136db6292345aa1984e3cf0382005
64016ee579307d5cce6e3d75e5454eb8b07262eddf25674ca49f47bca5f4f887
69306c3dd976f4d8e0c29cbddd3c9ca2264ed87e829001dcd2628d4e1a030786
7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90
733daa7484751548c4eec2749ef727cf72da020952bd868f6b7c78fb7564be88
78c32fe5f5d69190c29668c1e72dceaf733f582165a1e89f58ff7d66108862ad
7c3c6f6caa770ec53b05be3f22fe90bbe8f46545e2e554b1815b41658b491412
7cfbf68ea8302a4a678b3315c8a751fc58e9f6f59271b01dbc39f0cc7ac7027c
809620cef78af3e67e7f6c3deb2919aa90d07347178bae77791a723624981ede
846854331e841e72dc1b0fab70419ef0f5f3c1d4d8cfa676ae02a303aa6224f3
84b939d80ed9f3f746372a752072f8f1f277c73e726b52c09341e42425b84b7c
8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb
90f756d8c92a5128c97bd2f9529d12aa9a389114a0a9f46440ac2ba052483626
91ace93a65853b38d31565f87bc6c7cb45a675f938b771fc72bdb05804968c89
93c66c5b66764b601d7d5d701a4dd3eba2fa449b3d8a6fb559f66eca70af3f28
9799dd932883288a3c6e2d4dba933ba58903621a0ca026a1b935d6c1d282d89a
985e168d77e2d6aeae05b7e7de106a6326882657d7741f8d5e38fdedec5fa805
9aa12cc36090af70707717a1453c986e1f453196f2d56ffe841a4a07ff2fa1c4
9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f
9bb440bbe7f4688873a86d4b9c1dc1db13cc57210b365b269a38febbc8510ce3
a0947539230d06a28da12e2b924b539011bdfbfab8e9c53f7719bb9767eb749a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd3a4af2595491fd9ea98f5faeb959eb00bf0d04c9dfb358dca7685a27ab97
a68414d4126341df887b34672dad89ae3657328127e341736328f0124eabf8a9
a6dd77ecea1a7beda91ec84889673721d83a12a946879fc4c4cba442ab2ecf14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78ee11327bd03c29b067ce5302c92e172971221bf34d152414c2a9fdda9a3f5
a8c98f1872e0c0a4932d4d5c978f666c1b99f0e90a6ed000f4d5aed5a6dff76d
a9dd42bf071ee7b8446dc6ec88643c23bdf86f75aa1bef96cd40c0cb9fa04ff0
ae6fd56ceccd26b8f12467cc6c7ac1e02c40b08cf9a7093ae211b5fda20ebf93
ae8b3e11044bfe4ada3cbe02de1e3a8b9f7476b4cb8cf6e8a29074e423d254e9
afe7c81e459667fb7addee71da365e8941bfa065e63438018d861351cfc0d33d
b172da75fa18117aa61bec83dda67860e78a53340456a940eaf3167c0a205a48
b2bdceccb2ac9fa71b5b159abea0b97cfbb05e8094d26bd6c88bf995fa559dd8
b4851baef383137363fc0fca169de6d690793ec480cd6b70fe370eba36fda70f
b4b614943ff651db6f501b9ca03fc94abaf5d5d3f649fbe3eaf5fd4005db7609
bc3b0b231b86320752165cde270fb8d7ecce1f2e40b1fb8a64965c30da33e131
beda50ffb37380e9bc0b802c16c12befd80cc200158460be51dea369d46f1e59
c1aa9f948b6d1336bbcc6970af451432da85643c3136a7c5ebee7ddb61af9c64
c939f66194c0917a84cf4bc054dd45a575f9b7b219b4127fe3915681c8bfd81f
ce537293741ba0dbc920bd27a9bcfb575ce7382ea545f812071851932bf5a8f9
cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d2be16ddb2a23c011b72e06cbce8ab63a0ab8c9a2b9423df1ca266620a244055
d2d6d7749d15f49caeb37cfc4170ce1d61e823627a36e7f349defd2429089646
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dd52e302a990d06a8fc622322474888af94376f4ca6c245503a580de99e7d328
ddbbac1ac090468fa41ce9b50b5c4bd86435866bd7cc1a0ead560ca55733e56f
de6cd83ff88a9b93e661d3e4ddbd7a2b5561087bc1fd4a90792a6ad1846f4fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c6e8abe5bbf62f7bdb994e8ce35dac5fa4970f8201a4b3695cb7083cffb88
eb16c5bca8654e4bc4ea5ea9798ab144aa2cc4fac9eb172424065ac0e6827801
ef3b65f6b8dbb36ca310c2bc5f03f8ca3b1eb3ae8a005fdef82c00c37e0a71e6
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e

heroesneverlose.com Open in urlscan Pro 23.226.8.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

57 %HTTPS

41 %IPv6

21 Domains

30 Subdomains

23 IPs

7 Countries

2763 kBTransfer

9280 kBSize

17 Cookies

48 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heroesneverlose.com Open in urlscan Pro
23.226.8.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

57 %
HTTPS

41 %
IPv6

21
Domains

30
Subdomains

23
IPs

7
Countries

2763 kB
Transfer

9280 kB
Size

17
Cookies

155 HTTP transactions
1 data transactions