as-goal.site Open in urlscan Pro
2606:4700:3034::6815:22b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://as-goal.site/channel17/
Effective URL:
https://as-goal.site/channel17/
Submission Tags: falconsandbox
Submission: On June 29 via api (June 29th 2021, 3:32:15 pm UTC) from US

Summary HTTP 107 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 20 domains to perform 107 HTTP transactions. The main IP is 2606:4700:3034::6815:22b, located in United States and belongs to CLOUDFLARENET, US. The main domain is as-goal.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2021. Valid for: a year.

This is the only time as-goal.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3034::6815:22b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:1b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
23	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	35.158.186.240 35.158.186.240	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
107	32

9 2606:4700:3034::6815:22b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

as-goal.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tv.as-goal.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

cdn.staticaly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b69 (United States)

ASN13335 (CLOUDFLARENET, US)

memotec.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.250 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.186.240 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	129 KB
23	2mdn.net s0.2mdn.net	86 KB
18	doubleclick.net 6 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	195 KB
9	as-goal.site 1 redirects as-goal.site tv.as-goal.site	84 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	6 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90007.redintelligence.net	9 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
4	google.com adservice.google.com www.google.com	694 B
4	gstatic.com fonts.gstatic.com	97 KB
3	googletagservices.com www.googletagservices.com	103 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	googletagmanager.com www.googletagmanager.com	71 KB
2	blogspot.com 1.bp.blogspot.com	40 KB
1	contentspread.net cdn.contentspread.net	77 KB
1	jsdelivr.net cdn.jsdelivr.net	138 KB
1	memotec.xyz memotec.xyz	1 KB
1	google.de adservice.google.de	165 B
1	staticaly.com cdn.staticaly.com	17 KB
107	20

	Domain	Requested by
23	s0.2mdn.net	as-goal.site s0.2mdn.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	as-goal.site	1 redirects as-goal.site
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal90007.redintelligence.net	1 redirects f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com hal90007.redintelligence.net
4	googleads.g.doubleclick.net	f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com as-goal.site
4	fonts.gstatic.com	as-goal.site fonts.googleapis.com
4	securepubads.g.doubleclick.net	as-goal.site securepubads.g.doubleclick.net
3	www.google.com	f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d.adtriba.com	1 redirects f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	as-goal.site
2	www.googletagmanager.com	tv.as-goal.site memotec.xyz
2	fonts.googleapis.com	as-goal.site tv.as-goal.site
2	1.bp.blogspot.com	as-goal.site
1	ade.googlesyndication.com
1	cdn.contentspread.net	hal90007.redintelligence.net
1	hal9000.redintelligence.net	f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
1	cdn.jsdelivr.net	memotec.xyz
1	memotec.xyz	tv.as-goal.site
1	ajax.googleapis.com	tv.as-goal.site
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	tv.as-goal.site	as-goal.site
1	cdn.staticaly.com	as-goal.site
107	30

This site contains links to these domains. Also see Links.

Domain
www.as-goal.com
www.facebook.com
twitter.com
pinterest.com
api.whatsapp.com
telegram.me
line.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-23` - `2022-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
cdn.staticaly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.adtriba.com Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://as-goal.site/channel17/
Frame ID: 0806800F5E27D4A3E6BAF3F6F48BADF3
Requests: 26 HTTP requests in this frame

Frame: https://tv.as-goal.site/ch1-1/
Frame ID: 8A28335F2B127BE5EEE2213A773D584F
Requests: 6 HTTP requests in this frame

Frame: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 52008912E35F88106192A55118764AFD
Requests: 1 HTTP requests in this frame

Frame: https://memotec.xyz/ch10/
Frame ID: BD3CF68ECF4B225F0F2B3CD04FD9FF7D
Requests: 4 HTTP requests in this frame

Frame: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B61035CDB4B3C330738525146A899412
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg
Frame ID: 4571C5106B73C847C0CA4D21F16B47A7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BEA43D6EF9124BF089F6AC21CE5A5008
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 525ED3C7E74F83CFF7A1947A6C9183E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3FA8AC8D2FCFD76CA7C03DBFF079DA14
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9342312/1619625529694/index.html
Frame ID: 612CF31BA06D650F7F3D8ED42B2663FC
Requests: 22 HTTP requests in this frame

Frame: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C0BBC3E977F519421E40F175CCC2D9D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64
Frame ID: 45A0578E34306BC94908958E41DE1D2A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6B027A7CCDA4427F7B91338AEE0448EE
Requests: 3 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=39084700154555401084702011640007&a=e7acdc2e
Frame ID: D695DF20DA1C79565C5C9311756B6A9A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://as-goal.site/channel17/ HTTP 301
https://as-goal.site/channel17/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

107
Requests

100 %
HTTPS

68 %
IPv6

20
Domains

30
Subdomains

32
IPs

3
Countries

1121 kB
Transfer

2830 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.as-goal.com/
Title: جدول المباريات

Search URL Search Domain Scan URL

URL: https://www.as-goal.com/leagues-rank/
Title: ترتيب الفرق

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://as-goal.site/?p=110
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=&url=https://as-goal.site/?p=110
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://as-goal.site/?p=110&description=&media=https://as-goal.site/wp-content/uploads/2021/04/223-1.png
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?app_id=5303202981&display=popup&link=https://as-goal.site/?p=110&redirect_uri=https://as-goal.site/?p=110
Title:

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://as-goal.site/?p=110
Title:

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://as-goal.site/?p=110&text=
Title:

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%20https://as-goal.site/?p=110
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://as-goal.site/channel17/ HTTP 301
https://as-goal.site/channel17/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1

Request Chain 44

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs87e.8SoeEOWi.KQs-ZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

Request Chain 46

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

Request Chain 57

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=adlicious&atb_dcaid=display_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs87e.8SoeEOWi.KQs-ZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

Request Chain 99

https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D&documentReferer=https%3A%2F%2Fas-goal.site%2F&ancestorOrigins=https%3A%2F%2Fas-goal.site&random=8496224999187&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D&documentReferer=https%3A%2F%2Fas-goal.site%2F&ancestorOrigins=https%3A%2F%2Fas-goal.site&random=8496224999187&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

107 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
as-goal.site/channel17/
Redirect Chain

http://as-goal.site/channel17/
https://as-goal.site/channel17/

27 KB
9 KB

58ms
31ms

Document
text/html

2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71912cd1e6b4c89e035935fac8be6c9b8e91ce8b5d80fbd8aca09238572f4e80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:method: GET
:authority: as-goal.site
:scheme: https
:path: /channel17/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-type: text/html
last-modified: Mon, 28 Jun 2021 17:56:03 GMT
x-frame-options: ALLOW-FROM https://as-goal.site
content-security-policy: frame-ancestors https://as-goal.site
cf-cache-status: DYNAMIC
cf-request-id: 0af9ff13700000060167346000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=to47i67gwlMTsglJ3FLBsJNbnz%2FEGKSXfrGkjAUJWzvjtWfJZJlMdAUh5q2iUAqRx4bQHb5eyH7VCn2unxtA8JvSK1XH1yhx7ve6gxUQ80O%2Bye8q9S2udM9yutSb%2B5900AHlC1i0"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 667034657d410601-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Tue, 29 Jun 2021 15:31:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Jun 2021 16:31:56 GMT
Location: https://as-goal.site/channel17/
cf-request-id: 0af9ff133b000005d8c5b89000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XjQC9cOHGKkmdeomVzoJnZlU1BQTUjnySvZKa8Ti3FpAHTzJl0oMMuLzybrvlG6oegbkOftT6mgUR82K7MpxOVAHR5MVnwrW4WUqndNPMkyVgCGx8VGLUsIz47zn5wrX0hfNH3BF"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 667034652ac505d8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.css
as-goal.site/wp-content/themes/as-goal/ 76 KB
17 KB 40ms
24ms Stylesheet
text/css 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/wp-content/themes/as-goal/style.css?ver=2.0

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af3c481e09d4439764d7152ccb1067cf21c0067b850e9e59f23f8b9f2777d922

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/themes/as-goal/style.css?ver=2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2926
cf-polished: origSize=79889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9ff13a5000005b3c808e000000001
last-modified: Wed, 21 Apr 2021 15:33:14 GMT
server: cloudflare
etag: W/"608045ba-13811"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wv5cAMvmNxER%2BskjEShguFffWrevdBi8pJ%2BcHIoy4OQbci%2FmiRtXg45JBeNfajmL%2FrShgTB96RMgwliTGtiWoDZQBKN3FPauVpNp%2FH6GXxoHUFMNSdzClZJf6PTLmI%2F9G706dUbJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
cf-ray: 66703465d98c05b3-FRA
cf-bgj: minify

GET
H3-29 200 logo.png
as-goal.site/wp-content/themes/as-goal/img/ 14 KB
15 KB 32ms
16ms Image
image/png 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as-goal.site/wp-content/themes/as-goal/img/logo.png

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e21d1f14994a263cfda9018dd11f035d792111ef036d9887db102107eec02ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/themes/as-goal/img/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2926
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14321
cf-request-id: 0af9ff13a6000005b39d8bf000000001
last-modified: Wed, 21 Apr 2021 15:33:14 GMT
server: cloudflare
etag: "608045ba-37f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CUau9WAEmaDB1BVk0vZxKSf5cJ6X3ilEnR65%2B%2ByyZUgaPHx9w7%2Bco%2BP004ez8MhVyYkfyepVPNdcBHlxhaiRU0tmjMrtTrbg9jX3dPFnoN63dpTPx7zvKsPqbjP5dMcfSGqk8I4u"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
accept-ranges: bytes
cf-ray: 66703465d99305b3-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 51ms
49ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

fcde9d2b057fa20a1de9e117ff72b96dc112bf94956c0a3953e2ddffea4af595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "915 / 550 of 1000 / last-modified: 1624965047"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24253
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:56 GMT

GET
H2 200 live.jpg
1.bp.blogspot.com/-4LjdoMMtKcU/X0M_FhSqWXI/AAAAAAAAAaU/8w9YfBG73gMxAJ7D-D8A4SPPToy23bZXQCLcBGAsYHQ/s1600/ 19 KB
20 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4LjdoMMtKcU/X0M_FhSqWXI/AAAAAAAAAaU/8w9YfBG73gMxAJ7D-D8A4SPPToy23bZXQCLcBGAsYHQ/s1600/live.jpg

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad149986f04994085f915c8e6b4691f968637dd0ceeb792972be7fa33dba4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 11:37:42 GMT
x-content-type-options: nosniff
age: 14054
content-disposition: inline;filename="live.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19881
x-xss-protection: 0
server: fife
etag: "v1a6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Jun 2021 22:51:32 GMT

GET
H2 200 2000%2B%25281%2529.png
1.bp.blogspot.com/-bDA4DNfCWow/X8kEQFuZqEI/AAAAAAAAAwg/rJDtLbr50eEwg9OomYvxFOg563rwtnsxgCLcBGAsYHQ/s16000/ 21 KB
21 KB 14ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-bDA4DNfCWow/X8kEQFuZqEI/AAAAAAAAAwg/rJDtLbr50eEwg9OomYvxFOg563rwtnsxgCLcBGAsYHQ/s16000/2000%2B%25281%2529.png

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

526d8ec20ac4a7f4f45eeb52af8327bff355f3fe8659301791d9070826e88bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 11:39:26 GMT
x-content-type-options: nosniff
age: 13950
content-disposition: inline;filename="2000 (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21083
x-xss-protection: 0
server: fife
etag: "v309"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 11:01:43 GMT

GET
H3-29 200 jquery.min.js Show response
as-goal.site/wp-content/themes/as-goal/js/ 93 KB
31 KB 43ms
29ms Script
application/javascript 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/wp-content/themes/as-goal/js/jquery.min.js

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd866c02b8a60761c6d07dff1e1f96b109b43816eefa1b3558bc10b4bbafb19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/themes/as-goal/js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2926
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9ff13a6000005b3af87b000000001
last-modified: Wed, 21 Apr 2021 15:33:14 GMT
server: cloudflare
etag: W/"608045ba-17294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KADMXWOzhablTlEjUScIi6Eii%2FTY4GpibREekdXeB%2BB72xhSoV9cv4%2FG7AZlWkiKZRTHPdTDEYhutpZhjZQW44r%2F0lImYOUOJjwiSVTWXCZ20xbGBHa07bKJ8wZRjs8%2FjuZQ%2Foby"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
cf-ray: 66703465d99005b3-FRA

GET
H3-29 200 AlbaMin.js Show response
as-goal.site/wp-content/themes/as-goal/js/ 12 KB
5 KB 37ms
24ms Script
application/javascript 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/wp-content/themes/as-goal/js/AlbaMin.js?ver=2.0

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c18d25db06a7184e5a89272ae51b7e55367916839109d2bc25415a0ebbe0f86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/themes/as-goal/js/AlbaMin.js?ver=2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2926
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9ff13a7000005b38b2a7000000001
last-modified: Wed, 21 Apr 2021 15:33:14 GMT
server: cloudflare
etag: W/"608045ba-31da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tlCjnt2Ym8gC5cyS37vUyCrRoRUCCKTFtFvrO46fA%2FwMWxG%2FEVdJGz6AWjRG%2Fv2Yrz%2BmVFnoQ9e4OQLI3Xsoo4Akv3O4yjAv7mXLR2dIoKJ6UmwipYCxA8PUKW80Py1Wat7Zvsvy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
cf-ray: 66703465d98805b3-FRA
cf-bgj: minify

GET
H2 200 mmt.min.js Show response
cdn.staticaly.com/gh/hemoafandy5/jsfiles/6671f2c5/ 50 KB
17 KB 57ms
12ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.staticaly.com/gh/hemoafandy5/jsfiles/6671f2c5/mmt.min.js?ver=2.24.0

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

b02c3188904d9a620795cdfb4f391bbed769407887e41f3bbbf52766bbc22da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1832175
x-cache: HIT
vary: Accept-Encoding
content-length: 16936
x-served-by: cache-hhn4034-HHN
st-id: qpg1269
server: statically
etag: W/"93edbdfc80215a7085bf752197e1c314f2a9bde7c682c803aed9684ed0b31a21"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
st-cache: HIT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: *

GET
H3-29 200 AlbaSport.js Show response
as-goal.site/wp-content/themes/as-goal/AlbaSport/js/ 21 KB
4 KB 44ms
30ms Script
application/javascript 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/wp-content/themes/as-goal/AlbaSport/js/AlbaSport.js?ver=6.0

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f178b64f0e2e2adb2f74a5879c4b8e68d0aad8b809760acbe8a0594d2c4fdfdf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/themes/as-goal/AlbaSport/js/AlbaSport.js?ver=6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2925
cf-polished: origSize=21625
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9ff13a6000005b377185000000001
last-modified: Wed, 21 Apr 2021 15:33:14 GMT
server: cloudflare
etag: W/"608045ba-5479"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gl97BratE7vRTZCllWfcJBqhr9r%2FGXg0JHtaDrx4zI05Eo%2FiPTMEv7XldmOGUpxWpr24MQvakMLt%2FLWyB75930c%2FbalBqTccAkzGT4b44IhydHsoUoStaGgzYK4N5nbW07EdCdiH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
cf-ray: 66703465d99705b3-FRA
cf-bgj: minify

GET
H3-29 200 minimal-analytics.js Show response
as-goal.site/wp-content/plugins/flying-analytics/js/ 1 KB
1 KB 35ms
23ms Script
application/javascript 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as-goal.site/wp-content/plugins/flying-analytics/js/minimal-analytics.js

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a2e83955a77d82c9fd99a3a9595609f8fc55b956262bb10102982ccdc02305

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Request headers

:path: /wp-content/plugins/flying-analytics/js/minimal-analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: as-goal.site
referer: https://as-goal.site/channel17/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://as-goal.site/channel17/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2925
cf-polished: origSize=1444
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af9ff13a8000005b3cb2ed000000001
last-modified: Sat, 27 Mar 2021 22:06:17 GMT
server: cloudflare
etag: W/"605fac59-5a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: ALLOW-FROM https://as-goal.site
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pM7PnKf28vvZGd5kSrhPn5qw97TOe4T97QIZgp3jn5MIjGDYHb9YkCKEC7gkr7P3CBtUf08kGfkSesoL5bqfaIGW2FVu4Pp%2Bsi6pIqVo98EQtaymh4EIo5T1Fs%2FAgwUlr6D9UbQq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: frame-ancestors https://as-goal.site
cf-ray: 66703465d98305b3-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
483 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@500;700&display=swap

Requested by

Host: as-goal.site
URL: https://as-goal.site/wp-content/themes/as-goal/style.css?ver=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a3e9c51bc7e499210595a21a2fb91c21c17b8f57655d3577e2e1edd2f78cdcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:31:56 GMT
server: ESF
date: Tue, 29 Jun 2021 15:31:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:31:56 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f171e8575efc0a46ffeb141491010c10df898d4a817aa67be0e5427af89e932

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ 40 KB
40 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2

Requested by

Host: as-goal.site
URL: https://as-goal.site/wp-content/themes/as-goal/style.css?ver=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://as-goal.site
Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 04:25:28 GMT
x-content-type-options: nosniff
age: 558388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41252
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 04:25:28 GMT

GET
H2 200 DroidNaskh-Regular.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ 38 KB
38 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2

Requested by

Host: as-goal.site
URL: https://as-goal.site/wp-content/themes/as-goal/style.css?ver=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://as-goal.site
Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 02:20:22 GMT
x-content-type-options: nosniff
age: 565894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39220
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 02:20:22 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v4/ 8 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://as-goal.site
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 23:29:20 GMT
x-content-type-options: nosniff
age: 489756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8600
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:14 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 23:29:20 GMT

GET
H3-29 200 Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v4/ 10 KB
10 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v4/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://as-goal.site
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:22:52 GMT
x-content-type-options: nosniff
age: 536944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9988
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:22:52 GMT

GET
H2 200 / Show response
tv.as-goal.site/ch1-1/ Frame 8A28 1 KB
1003 B 166ms
156ms Document
text/html 2606:4700:3034::6815:22b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tv.as-goal.site/ch1-1/
Requested by: Host: as-goal.site
URL: https://as-goal.site/channel17/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:22b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e04c6f562dc4acf59b855f53f65f0359a49b7ab899c21a522a6bd7f50f1d86b

Request headers

:method: GET
:authority: tv.as-goal.site
:scheme: https
:path: /ch1-1/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 04 Jun 2021 01:58:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0af9ff140a00000601a6bcb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xjQ5PEwiivDKGoQaUCBi3%2FtA81MWWWpygcSnPc2hcvdfiBkWi6qe2XXl3DL422MkZMzsPnYUHv2yoxo1mmliXXHErN%2Bl5OpBRfMEZhKJaNUBEYAfPApCvJYSGvzNjarg5Q9uocGJnjCs"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 667034667fb10601-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 pubads_impl_2021062408.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 51ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 17:13:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118414
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=as-goal.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=as-goal.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 432ms
432ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=588773837464773&correlator=205722202107749&output=ldjh&impl=fif&eid=31061421&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21633152309%2Casgoal%2Crich2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C336x280%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1624902963&dt=1624980716732&dlt=1624980716432&idt=269&frm=20&biw=1600&bih=1200&oid=3&adxs=582&adys=115&adks=2295158952&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fas-goal.site%2Fchannel17%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1020x0&msz=1020x0&ga_vid=582384545.1624980717&ga_sid=1624980717&ga_hid=914529189&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d432aad61128f2f38d033168c9efae0610fd108fdc311a9f70b8ecf73ce7c222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7638
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://as-goal.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5200 6 KB
3 KB 55ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:31:56 GMT
expires: Wed, 29 Jun 2022 15:31:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 701ms
700ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=588773837464773&correlator=205722202107749&output=ldjh&impl=fif&eid=31061421&vrg=2021062408&ptt=17&sc=1&sfv=1-0-38&ecs=20210629&iu_parts=21633152309%2Casgoal%2Ccube2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1624902963&dt=1624980716739&dlt=1624980716432&idt=269&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3694878404&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fas-goal.site%2Fchannel17%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=582384545.1624980717&ga_sid=1624980717&ga_hid=914529189&ga_fc=false&fws=644&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ccc089ceb987ba6eb5cc978bb1960592ecdcd1ee186b399ca99bfc73bae390d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8424
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://as-goal.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 8A28 85 KB
30 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: tv.as-goal.site
URL: https://tv.as-goal.site/ch1-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 14:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 14:49:25 GMT

GET
H3-29 200 css2
fonts.googleapis.com/ Frame 8A28 710 B
367 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Requested by

Host: tv.as-goal.site
URL: https://tv.as-goal.site/ch1-1/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f4169e5cd2390babf73e19454bb55339366d3e2fd85b462b33f9ab96137556e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:29:32 GMT
server: ESF
date: Tue, 29 Jun 2021 15:31:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 15:31:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8A28 90 KB
36 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60503330-36

Requested by

Host: tv.as-goal.site
URL: https://tv.as-goal.site/ch1-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ed5bd7f793417742f3fc498fd91160f8f536435fdfef7340d7af1d9ea0216ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tv.as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36426
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Jun 2021 15:31:56 GMT

GET
H2 200 / Show response
memotec.xyz/ch10/ Frame BD3C 1 KB
1 KB 200ms
147ms Document
text/html 2606:4700:3036::6815:1b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://memotec.xyz/ch10/
Requested by: Host: tv.as-goal.site
URL: https://tv.as-goal.site/ch1-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: c93497db1a0254b42f77ba6b7017100959bbe48618e8afd79ce923b1cd7a1510

Request headers

:method: GET
:authority: memotec.xyz
:scheme: https
:path: /ch10/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tv.as-goal.site/

Response headers

date: Tue, 29 Jun 2021 15:31:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.11
cf-cache-status: DYNAMIC
cf-request-id: 0af9ff152a00004dfac8272000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R1jrzXlxzVC3mMSuvq6ZaMONatjEzLi4NzdmXXATalDhhWgjONC8o5vnjDSpKiSV05WtO7RtTuVp2iZO0GCeYf5MN12Fn%2BVIN%2FlNaX0clnTHPf5NecKUrREZKC5mKDudrYYue9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 667034684bf64dfa-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8A28 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60503330-36

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6708
date: Tue, 29 Jun 2021 13:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 29 Jun 2021 15:40:08 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 8A28 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1974966940&t=pageview&_s=1&dl=https%3A%2F%2Ftv.as-goal.site%2Fch1-1%2F&dr=https%3A%2F%2Fas-goal.site%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAAC~&jid=619346836&gjid=2076665940&cid=713928059.1624980717&tid=UA-60503330-36&_gid=295412618.1624980717&_r=1&gtm=2ou6n0&z=2037889058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tv.as-goal.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame BD3C 513 KB
138 KB 33ms
15ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: memotec.xyz
URL: https://memotec.xyz/ch10/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://memotec.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15250
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 141142
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
x-served-by: cache-fra19168-FRA, cache-hhn4070-HHN
date: Tue, 29 Jun 2021 15:31:57 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame BD3C 90 KB
36 KB 25ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60503330-28

Requested by

Host: memotec.xyz
URL: https://memotec.xyz/ch10/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66b9fca00e13d5641b8cc1eddd4c9888e93a26724f25683ac17450c836b05972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://memotec.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36428
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame BD3C 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60503330-28

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://memotec.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6709
date: Tue, 29 Jun 2021 13:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 29 Jun 2021 15:40:08 GMT

GET
H3-29 200 container.html Show response
f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B610 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:31:56 GMT
expires: Wed, 29 Jun 2022 15:31:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 46ms
26ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

094180f68277755a3a74776e416dc0a5bde0c7c498bbd9eeda3028f63685ff0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7953
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4571 624 B
597 B 16ms
16ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 29 Jun 2021 15:31:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlRHpWZXA3uxipYFoOZQj8qkU3I3cfn5dgIg8gybwZrqNjSfNZ3AIcPG0Yg; expires=Sun, 24-Jul-2022 15:31:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B610 58 KB
24 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoaZ_a7BYvboRFvBxd8HzpJpeGFjdLzejD1i26oSmeBlTdFcIz6f7hBMMg2zdIWYMLtlmO6MoCrlYirb1RP6RpjP0gqUvkHlGFQcDz2KKswgQqCcsqdxmIJuoP8tNNO_wUdi5Bf6FxXEzxNJvnBfp1pyRFYQ&dbm_d=AKAmf-BMBrlLxOjX6fbsM4DpkRSXkPrNHN8X4ZwyvGzlPnFh6OFEOK6mUj1e8H9MUbW09ECYnT-S6jx7LaEOYWfHXTZpV3KgGAc9cG8cAWsD9cETC4LTdwAKcf9pw873MA5vMyUvNnBRFrMeIe0Xq1FxyfoZ61DJ8d9uABgO2z6YjC-eyXcBFV3DP5fWiBPQyDSusYSUnM6nb9rWqEozmKfISlom9kPvsBU6DgDYHDV1esC2MPvif01269IV_ErWLDvnsG_VlupStp5Gvf6FGQMVjQ3iL4KYRNuIOuPrn5h5G_b6hABba2ymfZljvqAZ6Ortf4hzbruwZok99hQyvGcxKCZDIxBKDOp_6MK4EYP1aDlFV6j6kDvKLu2n6ta3yFQXBy20cI7RqSqYWZxbG7xrIXUE4Kn6TbNgJ88F3mkVSfSgrS-t--hhI2X_Y84ICY7jXNMoBT0qd-HIq7rgp8qXTWY-rcrhPtftZuDiWvJFqElZF1LItpqwpTlyWAnJjjfJio59CMr15auGVuZXJHQ7QpsaB4koh9fn-iwidKOnArVVlbA5IMd7jEur_VxOEaDO7PyRBpFLxXKPnGSuWRMPhHAI1hgejALZ0n-6qHL80JKDHra7e_MgmiKtma4o3MsnmFaQEXM31wh7nIKiJ5TS7ZY6O7vwGBTnHhil5GOjfIjgBU1zJk1k0F4wfr9RvOgWXj3kTfO9oc4eyP8pqoUW7Mnx8rnV1x3tYNWx_tTcMfl6EHxn8vaCeDCcrxJ2Hjy1McCnuEDv3u7nPcKRlTfMyr1qJl9C6tJuJpBoWJpxEpLryl_0v0fq-kAzWkqDDMl-3IBkYFOIaV0sQxyUA8mayO1R87hKd69sLG759lWo3KMIDCYPBgyuW1dLi_h96J3W5mJ60yOxbeXh7OEn8vFKxOzdUgsAs5eGPAIJ4f0_gy6IUyJ9JsHXd5XTbNlo2QYME-jw_tib63o0e5oWK5t0imm_wac-EwkqTQDaZu9VOODeRxBe_zDVe0VHxjNRgZ-k-l5wKBv8KD26ezxF8nAT90RWmdAFLy5Z3en_WtRb_oiBFCZeYg_IELYAhDXzZFbBAy6Qg-5yutvtbUSzarTNi4Yhm2fZx_8REkLmx2PBkCMNjlsesd1qDb4HJtj0OiSPPvUeDW33XArRaIRvLxF7057PGK2yHH9iI0xSm0jTYpT_qM84D3t3vjyCqGeRmoxDmzcVht-AZ75VY5i3wfflHVuyuWVnvbums6tcRp5vItj8irNm0-hALAgVxjt4L12z8KPM7s_DcuyXXDBSFfxHVyku0T13zsCM1JUXCDNOq-Bl-pPmthwFxptam0dprC8jp61r_LPt6cXexFXQIDI-XgUwHju7n699xKi4kyaZukbqDc2qlLB5jdh7_RyXkSeDCCzr_Cqt1dIqZoQYdhgXy7Sv3TOFFJ7GYDOeYJsZDLcIUkGexxiKt0Mq_6LlaKRx5x7xhynSeJkEUWkGPt62C9JeJyjjDEjwhp_aItdYfI3ODQNWZA0ZJju6XKrhe-aNXEdQDY9E455LxjtZh8zYSKkgB4dRvDdX4h9sKFCDEhj0HsSD7RKYW5ZKGXy0EBocDZgawwqhcCzKfr1HOE1N-jRNbBmwLhMPIzt23tIYjAt9G3Yy7XwI67qE-P4sThrMj-7TcbRGM0hWV-ZALX0Q0BRDtB1v8UMYQuE28Ut4igWxwttqCsxHGEquqfI4g28UKDfkwJC_6PEgT-MsW8G6Hfnyj0s0T9SAY1zmB-1C39OvGuoW3DTi_0kYju3UWuTG0dCN5LNKCPyNyNIuVOjLT5JuQ_dUD4eO05YZk7N1INomSNXGxW5NCn7i5C3jTWQYezPZA3tW9s6BVtxHFA0b9evLRiACLiDCpJ9F4PdU2UpEMXPNfu5cXqcc_OeTr_zj94pYpQA5o0GHjA5UiDlaj8K-y2jSW5VYCWebww-UujvuYxDbIhTXH2w2_iPrCDSDZG7eVhv0W6E8f_6eK7lwRkQkWQgWOFUHUgr_pWvha6dKeqjNoBXD92t923RvwViGsTqB4oaeGreJp_BPnIr1yTxnype6-h8PPsHZGS-l7-A-enNWDQXV5_oAWctknkB2wOnpJ4HJ5lJv6Tve01MMCzkHqRJZMcTYlen7Miz20zeo6KSlqQd219Zhv_YxcF_wuQeTPjVj93sRhHfzq27gseddfjD7ItYB--J8SwvTyJ6weoEQ6qCiKWBFr5zornuMUWuV2HvptxvggOoE2zfPMWxaOdFelVBvrGl8hqBH2sxJvExaAlF13EA9MwORb5Yk4B3rwx1daOdMueQNmTIj2Yep0QuJM-N3FHlGvM2z-h9y-e9UZMs0zNNNNE_ImqCawBfLLjTbj0RNMTXd92GKBWigBloH05T-QxQiTZod9gnBCTKtzlSl6zklR6k2JuRTcn9LAZySXhFMyhA-Vzqj-Bbw6UB4uxmGgQKNZChB_-GHxZ0Lm42iMoBl7Ek4zPgiU-i0wtg48jJ64vKjzjNqJzLl4S6Er2ngabj9kzsIDU3nmjkwHxYbhzkkSPyPJ9lDdtAvFDFqUe7Q6SNeqem4pUA-6EXZC5Wi18hlssdCV4s_YDDo6NnyI0ELkpP2PX4QTLFvDsKFGRgo4Zulyfgzk_ogrpwJ-tJ8hOpD_jB79KDHZpEC03S0_oPMfis0m6qhDHQUtSXAMBPEhuoc7rk2sINhbqDK78oQfuU3cRiOdn0I88MvNfEjyl6t5aSDlaHhheCrjRBd5Ki-7a1jEOkk6FHqoLMCPeilBseZVYgQHWuaZHHrscX8sVTMbseO9HrQJuARrrXnFU-nGRgVXIV9w-GrbQ124HeiqVCQSpOwTvgtkV3C6HOu5-6RLTvSSMsvGEATowMyWS8DLnDMndnyEhJFjgxwH6nEOnQOzOC2aB1gCaDM0Gw4gem__HGhSdSJE_11oyAGwrxHEkIQuCd4roegv8xW5IZfh4PS3RNNxufR6pmtFHtUpX_U4OgtWocfdVLO9rp88RVOSOe8yCHGjA4ohyINtEvU_i8eLHAVf1ZAnDmjvQ12TM1hYoWb2DuJvX4npoa80eIY-5dSYBll3Ns-KjzkQHedDCoFZQeIU4k_oge-ml5vicGjXidMCVHJsabkzIXHFMAbm3KS-tn6ep_K7YVpCYni1tVt5FPj89J4JPDG7UWDSrCuGzSKl21XIHDIezLu5-m5jJqkjlc37P8c_5ytgFWScU-3bIezPrq8VWKrVTnLqImtjcl0uqlahEqO8VipvrIRxX6o4opJD6Thn8dzFkB0PhgvupxGsZZIymQOABJlReroCuYcQo1qUPnbBcXrrdADIW_0wypxhFORAR4jkaXEUwx2uu2daQFC4gbwFlVwPQKaC4l_IaiflkfoSCLagyvCK5_jXyqPewzBKkoLyw&cid=CAASFeRoiAz6JH1WLBO9tE5PzXV6570P8Q&rfl=1%2Chttps%253A%252F%252Fas-goal.site%252F%240

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

525664abdd2aff523cfb5e9c7a2bc242e482815f73acba82b46ee450ead3a4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B610 42 B
515 B 60ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVBwjJZJNDQXMmf_xSJpcROyHQwrscludZS2Htt1TrHFf06BfWsiU-JKIGs0Yu8TPjp7r4fkewfQp20FaxIWzTzldv0GUPAABDGQRxwcc3kiIH3w0

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame B610 3 KB
1 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:31:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame B610 14 KB
7 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:30:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B610 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3BHvk95gyVY1BVkq49hT_boPeAnZGETCzFtYnYrOHipGJ2FPvNWuW4fflYgWJ31Fp7A9p4doA7l9Y-CN9eULXh7lOvg
Requested by: Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B610 125 KB
38 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4571
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1

43 B
1014 B

99ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:31:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4571
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs87e.8SoeEOWi.KQs-ZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2

43 B
894 B

37ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:31:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4571
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

43 B
1006 B

101ms
40ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCYs44CGO3Xom4wAQ&v=APEucNVfebBsQw7Dz9yW5fz0mcmESkFxmBwdpmh6vxBrVtuXrUDTG4SIU4mNTDcjJ-w8wbWoXMz1lHApOuV7uO78-AnxfbmoDJ3RgCwto8is3i2YafRBt8opeunMw896KLvNt5fg8Q7k-yCkTEqjMAQOdUkDzP2HTT8mUJTzXk5XWRf5c63U2bg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f860994e-9349-4231-bb72-1e16b65c54ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4571
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

170 B
188 B

81ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: be5c45ab-3801-4863-a5eb-6014d1333650
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame B610 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 08:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jun 2021 08:40:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame B610 8 KB
3 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoaZ_a7BYvboRFvBxd8HzpJpeGFjdLzejD1i26oSmeBlTdFcIz6f7hBMMg2zdIWYMLtlmO6MoCrlYirb1RP6RpjP0gqUvkHlGFQcDz2KKswgQqCcsqdxmIJuoP8tNNO_wUdi5Bf6FxXEzxNJvnBfp1pyRFYQ&dbm_d=AKAmf-BMBrlLxOjX6fbsM4DpkRSXkPrNHN8X4ZwyvGzlPnFh6OFEOK6mUj1e8H9MUbW09ECYnT-S6jx7LaEOYWfHXTZpV3KgGAc9cG8cAWsD9cETC4LTdwAKcf9pw873MA5vMyUvNnBRFrMeIe0Xq1FxyfoZ61DJ8d9uABgO2z6YjC-eyXcBFV3DP5fWiBPQyDSusYSUnM6nb9rWqEozmKfISlom9kPvsBU6DgDYHDV1esC2MPvif01269IV_ErWLDvnsG_VlupStp5Gvf6FGQMVjQ3iL4KYRNuIOuPrn5h5G_b6hABba2ymfZljvqAZ6Ortf4hzbruwZok99hQyvGcxKCZDIxBKDOp_6MK4EYP1aDlFV6j6kDvKLu2n6ta3yFQXBy20cI7RqSqYWZxbG7xrIXUE4Kn6TbNgJ88F3mkVSfSgrS-t--hhI2X_Y84ICY7jXNMoBT0qd-HIq7rgp8qXTWY-rcrhPtftZuDiWvJFqElZF1LItpqwpTlyWAnJjjfJio59CMr15auGVuZXJHQ7QpsaB4koh9fn-iwidKOnArVVlbA5IMd7jEur_VxOEaDO7PyRBpFLxXKPnGSuWRMPhHAI1hgejALZ0n-6qHL80JKDHra7e_MgmiKtma4o3MsnmFaQEXM31wh7nIKiJ5TS7ZY6O7vwGBTnHhil5GOjfIjgBU1zJk1k0F4wfr9RvOgWXj3kTfO9oc4eyP8pqoUW7Mnx8rnV1x3tYNWx_tTcMfl6EHxn8vaCeDCcrxJ2Hjy1McCnuEDv3u7nPcKRlTfMyr1qJl9C6tJuJpBoWJpxEpLryl_0v0fq-kAzWkqDDMl-3IBkYFOIaV0sQxyUA8mayO1R87hKd69sLG759lWo3KMIDCYPBgyuW1dLi_h96J3W5mJ60yOxbeXh7OEn8vFKxOzdUgsAs5eGPAIJ4f0_gy6IUyJ9JsHXd5XTbNlo2QYME-jw_tib63o0e5oWK5t0imm_wac-EwkqTQDaZu9VOODeRxBe_zDVe0VHxjNRgZ-k-l5wKBv8KD26ezxF8nAT90RWmdAFLy5Z3en_WtRb_oiBFCZeYg_IELYAhDXzZFbBAy6Qg-5yutvtbUSzarTNi4Yhm2fZx_8REkLmx2PBkCMNjlsesd1qDb4HJtj0OiSPPvUeDW33XArRaIRvLxF7057PGK2yHH9iI0xSm0jTYpT_qM84D3t3vjyCqGeRmoxDmzcVht-AZ75VY5i3wfflHVuyuWVnvbums6tcRp5vItj8irNm0-hALAgVxjt4L12z8KPM7s_DcuyXXDBSFfxHVyku0T13zsCM1JUXCDNOq-Bl-pPmthwFxptam0dprC8jp61r_LPt6cXexFXQIDI-XgUwHju7n699xKi4kyaZukbqDc2qlLB5jdh7_RyXkSeDCCzr_Cqt1dIqZoQYdhgXy7Sv3TOFFJ7GYDOeYJsZDLcIUkGexxiKt0Mq_6LlaKRx5x7xhynSeJkEUWkGPt62C9JeJyjjDEjwhp_aItdYfI3ODQNWZA0ZJju6XKrhe-aNXEdQDY9E455LxjtZh8zYSKkgB4dRvDdX4h9sKFCDEhj0HsSD7RKYW5ZKGXy0EBocDZgawwqhcCzKfr1HOE1N-jRNbBmwLhMPIzt23tIYjAt9G3Yy7XwI67qE-P4sThrMj-7TcbRGM0hWV-ZALX0Q0BRDtB1v8UMYQuE28Ut4igWxwttqCsxHGEquqfI4g28UKDfkwJC_6PEgT-MsW8G6Hfnyj0s0T9SAY1zmB-1C39OvGuoW3DTi_0kYju3UWuTG0dCN5LNKCPyNyNIuVOjLT5JuQ_dUD4eO05YZk7N1INomSNXGxW5NCn7i5C3jTWQYezPZA3tW9s6BVtxHFA0b9evLRiACLiDCpJ9F4PdU2UpEMXPNfu5cXqcc_OeTr_zj94pYpQA5o0GHjA5UiDlaj8K-y2jSW5VYCWebww-UujvuYxDbIhTXH2w2_iPrCDSDZG7eVhv0W6E8f_6eK7lwRkQkWQgWOFUHUgr_pWvha6dKeqjNoBXD92t923RvwViGsTqB4oaeGreJp_BPnIr1yTxnype6-h8PPsHZGS-l7-A-enNWDQXV5_oAWctknkB2wOnpJ4HJ5lJv6Tve01MMCzkHqRJZMcTYlen7Miz20zeo6KSlqQd219Zhv_YxcF_wuQeTPjVj93sRhHfzq27gseddfjD7ItYB--J8SwvTyJ6weoEQ6qCiKWBFr5zornuMUWuV2HvptxvggOoE2zfPMWxaOdFelVBvrGl8hqBH2sxJvExaAlF13EA9MwORb5Yk4B3rwx1daOdMueQNmTIj2Yep0QuJM-N3FHlGvM2z-h9y-e9UZMs0zNNNNE_ImqCawBfLLjTbj0RNMTXd92GKBWigBloH05T-QxQiTZod9gnBCTKtzlSl6zklR6k2JuRTcn9LAZySXhFMyhA-Vzqj-Bbw6UB4uxmGgQKNZChB_-GHxZ0Lm42iMoBl7Ek4zPgiU-i0wtg48jJ64vKjzjNqJzLl4S6Er2ngabj9kzsIDU3nmjkwHxYbhzkkSPyPJ9lDdtAvFDFqUe7Q6SNeqem4pUA-6EXZC5Wi18hlssdCV4s_YDDo6NnyI0ELkpP2PX4QTLFvDsKFGRgo4Zulyfgzk_ogrpwJ-tJ8hOpD_jB79KDHZpEC03S0_oPMfis0m6qhDHQUtSXAMBPEhuoc7rk2sINhbqDK78oQfuU3cRiOdn0I88MvNfEjyl6t5aSDlaHhheCrjRBd5Ki-7a1jEOkk6FHqoLMCPeilBseZVYgQHWuaZHHrscX8sVTMbseO9HrQJuARrrXnFU-nGRgVXIV9w-GrbQ124HeiqVCQSpOwTvgtkV3C6HOu5-6RLTvSSMsvGEATowMyWS8DLnDMndnyEhJFjgxwH6nEOnQOzOC2aB1gCaDM0Gw4gem__HGhSdSJE_11oyAGwrxHEkIQuCd4roegv8xW5IZfh4PS3RNNxufR6pmtFHtUpX_U4OgtWocfdVLO9rp88RVOSOe8yCHGjA4ohyINtEvU_i8eLHAVf1ZAnDmjvQ12TM1hYoWb2DuJvX4npoa80eIY-5dSYBll3Ns-KjzkQHedDCoFZQeIU4k_oge-ml5vicGjXidMCVHJsabkzIXHFMAbm3KS-tn6ep_K7YVpCYni1tVt5FPj89J4JPDG7UWDSrCuGzSKl21XIHDIezLu5-m5jJqkjlc37P8c_5ytgFWScU-3bIezPrq8VWKrVTnLqImtjcl0uqlahEqO8VipvrIRxX6o4opJD6Thn8dzFkB0PhgvupxGsZZIymQOABJlReroCuYcQo1qUPnbBcXrrdADIW_0wypxhFORAR4jkaXEUwx2uu2daQFC4gbwFlVwPQKaC4l_IaiflkfoSCLagyvCK5_jXyqPewzBKkoLyw&cid=CAASFeRoiAz6JH1WLBO9tE5PzXV6570P8Q&rfl=1%2Chttps%253A%252F%252Fas-goal.site%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:31:43 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame B610 22 KB
8 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:24:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BEA4 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 29 Jun 2021 15:23:38 GMT
expires: Wed, 29 Jun 2022 15:23:38 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 525E 783 B
529 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a279d85cf5fa3ddaa85f2a50a79a738bfc711a65ffbdb1c1ad7d65cfc0f3ec0c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XuwOar+rhaHniKBZpHfSgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

expires: Tue, 29 Jun 2021 15:31:57 GMT
date: Tue, 29 Jun 2021 15:31:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XuwOar+rhaHniKBZpHfSgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B610 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 12:39:50 GMT

GET
DATA 200
OK truncated
/ Frame B610 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b906a0350b44cfd808dde5820202a7f08cfd61fc9cc72532f74fa4291cf065d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3FA8 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 29 Jun 2021 10:28:06 GMT
expires: Wed, 29 Jun 2022 10:28:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/9342312/1619625529694/ Frame 612C 41 KB
6 KB 21ms
7ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9342312/1619625529694/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd5d189901092f36d382a5cd39053f8c5aa2dbc40032dc3f539555ef6ce95280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9342312/1619625529694/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 6098
date: Mon, 28 Jun 2021 23:04:11 GMT
expires: Tue, 29 Jun 2021 23:04:11 GMT
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 59266
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B610 0
592 B 131ms
50ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCNK3NJeVOlSoFAmVjzLhjQVqmwl4BDcPrAxH3S8k1EIhw6F2AEfpxZRJI_bI8Xo8GBUhd1lo0sZzJ2eIqVnIhadQNLXNzBxmetoAHIadi-jR8cEz3x5QVFIjPUbGsARXygvLOewe6XkwXbfZwpj3QVvPpZ4tYvswPG6idCveE6crFLznHcLw9dmfsZSCEhMziE13GQVs6oPg-g4br4WRe_xx02WsXfWJOgxkDFA5s0i01_Pk0joldeNz2RcqBVmW9rEfejP7JJRdyHCvrk_KP1EqxB0s2RJ4AllYA5CBo2mWwY40X9UPxUpnO5KD27_0NlpQvucQmdiW8r_7RsQA3cr7Os38clSPYlcdqqaHrlornSaRtVwZpBJzmPE-EjeDK8xZEI7-9I870zXGREpJP2nVkNm0ish4l0ynGGhF0X7iXVCDqQ-Nep8xj1RYMaepBzxT-lgVJC_G_LYF9DbvAXjVT0HNGkUvzGbVMBj1V1L-nJLkRXV9RGZ8hi4hSS_MsjmxIIQRiw-8xu74Lu-Cf-J860q3gJvgNgn_Al924ZiItRiNC23YLE7Km1wYZZNt80ViF_ZPCMa8DiwcydDFe0dAc-9gr02IkhhfLva-hT0qcQkwuZcgWO1NKrsntKAviKsL5cLjYSCb_Mi7HmwgtEbgVitUBcWtEgHlE-YnxQBFzJax22-yiXC1D3UBCd0iSYpErIFkTbQN6TVIJ74DZ01AlONZWsRkqi0gCl0V7iMZYxgaRixZgMum_2Lar0U9xCEsGqI4e75g-0ICVJnXcf_uG6E19ftcAeoihGDQR-1iIUGwWYhJBPLtP8sBQg-zdmAO2AdnRPDgWYm7tFPAq-WeqCyeUpwaokYnFZRrGBGVoJISFEinRsOBFbfXINXEGJIxZOjaPTjuP3wMPdEELVUiiLsAdLXpwMIPN_sEok5ldi1Ery24yplL9QXJaUFg5elck1ELIamWHKEkI1Obs_Bhzh_sGpv1wzuv8v24ZVEfhOPZQd7-8d2232ZpCEhucW_qkaqxneUFZauFIdOpGsnSrBqMCj72peiylPs12zRLuQ98CKabCPbwpfsCo_fU89UvtWXY4fG9OVwEn7PbHZnUk0kQs3Wnk1MAim55XKn6OQnwTvlCYq1ryrOG7_UrBRfPPN7kWjRKrMAXNZtqZSfwLasOfDAy4Sh7Xp4KOoeBlSTjvBaDw0S2BzSBX5uAYfPgbxBWvWGfHumncJ3vhDMOdqj36U8xJDcbjUQ&sai=AMfl-YRMeH2GaJAFTufX13gfE3o7u-pfiTSLwdt51YkDorObAMlSI6owPDFy00mgsJ0yDoN7iI7g4mM-kcf2pfuwEkOVHH9aU7-1jUaplv39nN7vKiqUg_aou_3Nawn_z5SmoxE8iNCXuFBBzUuD4SCoU7E5WPbblx2804xGAdY&sig=Cg0ArKJSzCz4t5hoqjsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=110&cisv=r20210624.04101&adurl=

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 29 Jun 2021 15:31:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame B610
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=adlicious&atb_dcaid=display_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

39ms
38ms

Image
image/gif

35.158.186.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.186.240 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:31:57 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Tue, 29 Jun 2021 15:31:57 GMT
Last-Modified: Tue, 29 Jun 2021 15:31:57 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame BEA4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 10:45:51 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FA8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 10:45:51 GMT

GET
H3-29 200 1084a50b73c9613b95e05c012b8366dc.js Show response
s0.2mdn.net/9342312/1619625529694/ Frame 612C 71 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9342312/1619625529694/1084a50b73c9613b95e05c012b8366dc.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc367bcdd2873f80bae9d08b1d6316d0d158241e5f1a6ad843e094c8be6cb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18313
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 29 Jun 2021 23:04:12 GMT

GET
H3-29 200 container.html Show response
f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C0B 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as-goal.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://as-goal.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 29 Jun 2021 15:31:56 GMT
expires: Wed, 29 Jun 2022 15:31:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 342b3ad099d1206643171867e9ec3e46.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 6 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/342b3ad099d1206643171867e9ec3e46.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

633ff8da1bc38b48c5c96bf180889d32dc151df8ddc1e6b848c80762ef1e3250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 09:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2111
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 09:54:40 GMT

GET
H3-29 200 8390b93a9c186729ed2345d9fd812a5e.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 1 KB
598 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/8390b93a9c186729ed2345d9fd812a5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:55:39 GMT

GET
H3-29 200 88a850981629dc607bb3c50dd9b3665d.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 796 B
476 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/88a850981629dc607bb3c50dd9b3665d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5249886653b630dee050e6934a371610a6ab81243b36fadc37730c909eabc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 06:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 452
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 06:44:28 GMT

GET
H3-29 200 9b16023982f0585b2adc7163f725c742.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 5 KB
2 KB 9ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/9b16023982f0585b2adc7163f725c742.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84cfe81c7b675808917d7d014eef40275b0001364c5abadf15fc8cd27397bb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1687
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:46 GMT

GET
H3-29 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 1 KB
495 B 9ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 06:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 06:44:28 GMT

GET
H3-29 200 73048b86a86de7bedbb62c23af6da7df.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 4 KB
2 KB 11ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/73048b86a86de7bedbb62c23af6da7df.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc28cabdb870eb9d1397edfbedd60151959559bfe87be2cb75e09bff5ca41de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 29 Jun 2021 23:04:12 GMT

GET
H3-29 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 936 B
378 B 10ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:46 GMT

GET
H3-29 200 dcf0ff08305962765617ec8aab99f5c9.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 664 B
399 B 13ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/dcf0ff08305962765617ec8aab99f5c9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04c7dea40d8f0e0ef9b5561940becdedf9c2252691a5453d25f906ed94864c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:46 GMT

GET
H3-29 200 6e72533e724fb638eb4b4f1e5e7b49b8.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 252 B
222 B 12ms
9ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/6e72533e724fb638eb4b4f1e5e7b49b8.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc88ccc0e10bbc87372fd245028d17169e9b3576713c2f20ac7fc90c3fa299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 01:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 01:24:44 GMT

GET
H3-29 200 0e96a7c24fd4b20d9b9dcd872a4d9ca2.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 2 KB
1006 B 11ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/0e96a7c24fd4b20d9b9dcd872a4d9ca2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e500f39a8b6996962214b7bb2d37a9e52e3b36c3113279beeccba9168adffb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 982
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:51:07 GMT

GET
H3-29 200 6b41b62869b39ed8239e5eeebc9b7096.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 1 KB
643 B 10ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/6b41b62869b39ed8239e5eeebc9b7096.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe40a0fd2a9b337440874c1aad58bff0f153d952da7f83dfacb9303b6771350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 619
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:46 GMT

GET
H3-29 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 8 KB
2 KB 10ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:46 GMT

GET
H3-29 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
1 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 04:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 04:52:36 GMT

GET
H3-29 200 aaeae5592a41b6cd27787062b1d6eeb9.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
1 KB 13ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/aaeae5592a41b6cd27787062b1d6eeb9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396ba6baecc7e52df5599ffdc5f55c87c8969d7b4cde477f6ca9bda366e183ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 29 Jun 2021 23:04:12 GMT

GET
H3-29 200 d06417b172417aef6815e6c350139607.jpg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
3 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/d06417b172417aef6815e6c350139607.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 01:59:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
age: 48747
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2607
x-xss-protection: 0
expires: Wed, 30 Jun 2021 01:59:30 GMT

GET
H3-29 200 9df77a337f3145b390840724585d64ce.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
979 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/9df77a337f3145b390840724585d64ce.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c300b3c2b03066424f6ca0b34b91ee8e372d67d0e9a376cbf14be081bf48653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 01:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 01:47:40 GMT

GET
H3-29 200 232b6f6f4921d2fb5ebd202d50cd7586.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 2 KB
745 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/232b6f6f4921d2fb5ebd202d50cd7586.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49c18b08b36cf4c3a57f57f5d98024135b7ea6b3626d4067aef31ab1101d285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 09:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 721
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 09:54:40 GMT

GET
H3-29 200 b73db3884cabb8e89c3a7b05d585f3bf.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
889 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/b73db3884cabb8e89c3a7b05d585f3bf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:47 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 45A0 624 B
299 B 31ms
22ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnA_U5epESwB5rS7gvDxK_i7MyEnjybllRo4DLtpQS6OewvNY6LasWPUEYXL3s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 29 Jun 2021 15:31:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5C0B 25 KB
13 KB 50ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2qvAFxQC0y3_OBJXsL58hzxjtWq7HivUnnKNbFspHfKaz5YIGxczPtNi4z-qduSg4HaVhx6S9XsWIaDqC_MvvIT5I6yqE6MWLF-nALnmu-2Lz1ewsfw_DHlh90ZJ2aEuhjg5iIP3gYo5DmgKt3X18Nhu0Dg&cry=1&dbm_d=AKAmf-BVML1B6cOM-lyrj5hHe2zno0NskdQ2Imy7ijXNJCgGCGy8kZvEAz9gre_hTfelm2_pcJ3TATZtua2uNpZ0EkvYJXDUlLQyueXvrUr3ngzvTAmiM2MVA9smW3ZBQCDsq37DfsxDBq-Jdp5nfMi77fI0XKcDcm5XswEY9W89emspUsU2TGb0sUM4_OpUDMK2oboIds5EwyCX_rRvBBN6OiFVVPcvxgt2SVaoOADNUfByxMvL3yYCmz3XtbiojRifwk96u_CgXH-DRO3b-uYM7SVpmavttqJo4lYGSKX3KMlAjovY3wgo0v6AbFOYpLUIVYpQAYGZWgpmyRBrCzn0SSog7gjQUyS_G615IkIGh_uHQcvh_LLkskyUVC8YeZBmkw2aAQrePO4viu41GdEHVDGiOY2S3cPR6CMZByHBh1P-EPgqZn73zyXq3ppkJV3j456pZS5XO5W22d_esnKHHXeiuvDJd2SZkeFg2cMTemdUIB5JVByOdNJ-GscPHQSnwl_Jcuq7eB7iY25yhT-FhMv_dIuYJr5dLqUY94MIp4rjWHjXws5FOX0DHzSIbh2h1vdEssy7u3q4AU01vYR_W_GR198Uwu-bj2WvQBPOkTsVlFtgA6YvvTQREYuYku5KPULg_5WPvFWuUvmfOYJoEiqZcHCVtPdqU62J4h1PE04CnMwyWeUGpiHEc7Kt2M3Jr_pVIvqnjjeJVWaEiLJPy6VAEknB33D8y9SQRhtC8D-Yq_u--FYU29_p8SxZLWPWCNcQHxo-THuyjakZjhdEaigrQqtDOaZsGJjuUmX-mWW5MuOJPkurWun-RBg2WJOGDzf7ZkHf4t7YYlOngoVCIFyovpRdv392cDjvXFWfT-GxtBRoQXIFSEsIGAML4v4lbjtu5uiy9-O0qUoMFW8pac3KFXa_D3liCRYPyzsXgP5m5YgOOw4r6_3_I4LzIcgmxB2a9GRgts6XFzYeikeKQcuDj-FSwcC5r5nQsawRHNYEmBgb-lGOzH2HmsbJHBjQlAI3yBL0R98rZWyss6avDvxeEU12ceK4V8o7ZT24mDBFCFt7DL60IPGU_Qy81VsGTReZeR9pkUYdaqMgPh_7D-9h9SaJcylWF0Ddq6qQ3HhU8XpjXAZT_7b7UeT_zJIlpsmwdSnKuLEncvXk3Mwnmb3_MLQf637eUyv6070e9ZadugYIcjrnfPPwHd6d2IjrM34JFg3YMgKSwn2e50pv7aM_6NTWAMGALgXU6uNWkUcxLrT1_Vj0ZLt3UVtLnIx7raL1FssP8Qozr7LlfSGNqMGspwPiPvhJwKICfD2TE0b8uNY5p-vcuIM286Cs3IhyuhNo9lpQC1i_GG_SoJDGFOWZI5Jyhjh7v7YiLD7cd13jN6TWD7tGK1AO9DC2TgkFxjYXmMesMJR0f8RQ6QG6a46-OhvhjamsgfeY1OEyanYqNEE-lKhXoQKDk55jpEEHc5c4dEay24H0ZGlDhyjDhIzmHKG6LcfFtWDQXwhxMF0OBSz0vaIZnxW1PYInRA14x0tH3XRkLqSI_ki6KQvXjp0iw-5o4r_NubtROhBlCY1uW150nlvVIwl63NfWrfC6j2i6OTvOgpeZMeGsAhAygJ1Cf52n6LYqr_x4JbX9b1WOtnT1T_XsmIB9JrbUIr9a7UJlF3iaLMSMAupInDSeqcf6inU2YU5sh1_XubR4NtPUAMteb4ZbMqQvIpKJ8S97To6hql1rxDcLvkxw6RAEUDPEYrCXEQItX_w02ZxRaNGQQUcN5lA4BzGkY9JEnyDdoC-x0q3rDELGCAN3GDDv83mh1QC21R2siHT-jDKNbjZC6mVfxVXR65s3iSsxh_W2vR2uIljSduLWwk0h4SLZm5WjnqWYGQx02Efa7zHPSGooxpbVRjollE8qPSX6r73w-9mliZqK19cxSqSPA7njphAhldPU_YY9p2lKmlQ0ZAkZuM4VdUIOitARox3J_6hplxjkSYP7BsI8YMhBdpKk-CkIZTlBqvgxvn0LA-VpWTxgWFrCv9Mfz-_z0ycyVfytO6Xw35ofNJU5iefLvQdEbjH97P5ZSy6seEe-ln90SQH1XE9o0qJaw781EqhyM2EWDegX5Flu6zWWzzgtEWVvHHDEUBkLYz67HzqRrnpVgPzIsTuSjNWa7c-1hYLK9x3e2RCUgSqw-AuSPNylpgiNw7Nwhxl9WBSM50eAQbRxhs0YKzymM7cALH9kfI-5U7aFBOfdylc2mw31v_3VZsKM5k-qeLYv4-3l7yYkVrfiM8KQLnIJDu3Fsph37OphqQoK0L_j_JGQDAvxDFJq4HTNL0eVoICv_BMl-VmRhG-Lte39qo5mxvZZlsG19L462lWgGzpDGukpmyifyWr5_ugcdBCHpFdrrNfMh13TP5FmoXKsuEZ8_62n-58JOA4F7Fi7vvCqNpfRHkQPxXOnuhnuk5FDAaOFXKhCk9aG_OjSSJJckF-JkTHV0lepDnV7if1Sx-blqyLc0ZMpsOeNap9g91EU3ePNs8OCQSbN_diluus_E0YwbXHK2PPnQuGJohRIy2BtiUqqjxOWLuP5yEJ-k-GiRFV31w4R-WQHzfmMvHY7pNZqavutVX52kaAWabXfbAaBPo06g1uKQC5gPfFNdJdp00CORAhC1pJQVYfU-eKzH3vfn6xBUuWF6dy6PCXow98CgH0EZRdgsmSRY47UyFKJTPHLoVrN8LjIRTTp4LYChGO6vW25T_kpMYroip_bJoVQTZHIPEoERsL2M2kLxhUaZhuJtDADR7j7Pm1cv14dNhuBH8EQL3abwDIO_mOpPbmKUbwPy-XHR6Q6LLKoGu2RIz9vgQTJCh6j1I0lJ8TsbcaGtvo5kc1EC9k0jBdRSdruSKwMU3BMMUQ5jGj0jeGK9sXsNyy6dvM8wxo9rZapmk1Kkj8mV4xIzhkUa6nj352MChHtLPOq0HZMy5TWjQMoh5q9u0lceWXpmRoBDTJB_Vc286ypLsK_5OJdvlfAs0JwrXnWnBriiEWBRKBCIabjoT7xbLom5_kyvpYLQC73SLWXzySYYcPCSyRIx6OF6tG44rItPq_OXvNlKvtQHqJ98mV4g4Fk3KNnT9xExvKJ7jNI9gnlmraiA5TIUx_c72vs4tFQ1N82kVd-xLEP7MRrU5QYvGvQKXrk3jJIFbPxlaHnoLBms-9oUeFlN7_N9EiHIiwETP-2kvg29usw64ABVbjx5_gNY5VCaYlvjG21Q3L4csTQrikGRShFVvAR7oWESvA2B3BMIRLGNefjH0u8tzGWlOjp4s0w5wnOEevNlGR2ZIR6hroPY5GtWv4J5P28ub79I19orznbAcDVFpmuGE5gnXelZAbMTqg_AFUc-ZrBxwM&cid=CAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow&rfl=1%2Chttps%253A%252F%252Fas-goal.site%252F%240

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87a24719642024b46e06f46e98edb913b6eb6ca0f4a034330bee564cafaaf251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12906
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C0B 42 B
63 B 45ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CE7acopnetXhPkMGqi2icKpTdDdDjfon4T16SDKYyn4_uLl5yqYF5Y3S8weAXbeRRqC_O5ReA0Dc77QEKazzJs8Duk-A-8Pg12bXOSD4CMpLXl4rM

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5C0B 3 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:30:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C0B 125 KB
38 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:31:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 15:31:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5C0B 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:30:02 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5C0B 0
0 20ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBmSBHv1JKzXOobImXPahLUnFmALK1kwajiLsWB_OdYrZp5MPBm7_dsN1I3K2M-Aq0FTOOs1ekqyYrbHIDj57cNFKi-w
Requested by: Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B610 0
23 B 115ms
72ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: as-goal.site
URL: https://as-goal.site/channel17/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 5C0B 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2qvAFxQC0y3_OBJXsL58hzxjtWq7HivUnnKNbFspHfKaz5YIGxczPtNi4z-qduSg4HaVhx6S9XsWIaDqC_MvvIT5I6yqE6MWLF-nALnmu-2Lz1ewsfw_DHlh90ZJ2aEuhjg5iIP3gYo5DmgKt3X18Nhu0Dg&cry=1&dbm_d=AKAmf-BVML1B6cOM-lyrj5hHe2zno0NskdQ2Imy7ijXNJCgGCGy8kZvEAz9gre_hTfelm2_pcJ3TATZtua2uNpZ0EkvYJXDUlLQyueXvrUr3ngzvTAmiM2MVA9smW3ZBQCDsq37DfsxDBq-Jdp5nfMi77fI0XKcDcm5XswEY9W89emspUsU2TGb0sUM4_OpUDMK2oboIds5EwyCX_rRvBBN6OiFVVPcvxgt2SVaoOADNUfByxMvL3yYCmz3XtbiojRifwk96u_CgXH-DRO3b-uYM7SVpmavttqJo4lYGSKX3KMlAjovY3wgo0v6AbFOYpLUIVYpQAYGZWgpmyRBrCzn0SSog7gjQUyS_G615IkIGh_uHQcvh_LLkskyUVC8YeZBmkw2aAQrePO4viu41GdEHVDGiOY2S3cPR6CMZByHBh1P-EPgqZn73zyXq3ppkJV3j456pZS5XO5W22d_esnKHHXeiuvDJd2SZkeFg2cMTemdUIB5JVByOdNJ-GscPHQSnwl_Jcuq7eB7iY25yhT-FhMv_dIuYJr5dLqUY94MIp4rjWHjXws5FOX0DHzSIbh2h1vdEssy7u3q4AU01vYR_W_GR198Uwu-bj2WvQBPOkTsVlFtgA6YvvTQREYuYku5KPULg_5WPvFWuUvmfOYJoEiqZcHCVtPdqU62J4h1PE04CnMwyWeUGpiHEc7Kt2M3Jr_pVIvqnjjeJVWaEiLJPy6VAEknB33D8y9SQRhtC8D-Yq_u--FYU29_p8SxZLWPWCNcQHxo-THuyjakZjhdEaigrQqtDOaZsGJjuUmX-mWW5MuOJPkurWun-RBg2WJOGDzf7ZkHf4t7YYlOngoVCIFyovpRdv392cDjvXFWfT-GxtBRoQXIFSEsIGAML4v4lbjtu5uiy9-O0qUoMFW8pac3KFXa_D3liCRYPyzsXgP5m5YgOOw4r6_3_I4LzIcgmxB2a9GRgts6XFzYeikeKQcuDj-FSwcC5r5nQsawRHNYEmBgb-lGOzH2HmsbJHBjQlAI3yBL0R98rZWyss6avDvxeEU12ceK4V8o7ZT24mDBFCFt7DL60IPGU_Qy81VsGTReZeR9pkUYdaqMgPh_7D-9h9SaJcylWF0Ddq6qQ3HhU8XpjXAZT_7b7UeT_zJIlpsmwdSnKuLEncvXk3Mwnmb3_MLQf637eUyv6070e9ZadugYIcjrnfPPwHd6d2IjrM34JFg3YMgKSwn2e50pv7aM_6NTWAMGALgXU6uNWkUcxLrT1_Vj0ZLt3UVtLnIx7raL1FssP8Qozr7LlfSGNqMGspwPiPvhJwKICfD2TE0b8uNY5p-vcuIM286Cs3IhyuhNo9lpQC1i_GG_SoJDGFOWZI5Jyhjh7v7YiLD7cd13jN6TWD7tGK1AO9DC2TgkFxjYXmMesMJR0f8RQ6QG6a46-OhvhjamsgfeY1OEyanYqNEE-lKhXoQKDk55jpEEHc5c4dEay24H0ZGlDhyjDhIzmHKG6LcfFtWDQXwhxMF0OBSz0vaIZnxW1PYInRA14x0tH3XRkLqSI_ki6KQvXjp0iw-5o4r_NubtROhBlCY1uW150nlvVIwl63NfWrfC6j2i6OTvOgpeZMeGsAhAygJ1Cf52n6LYqr_x4JbX9b1WOtnT1T_XsmIB9JrbUIr9a7UJlF3iaLMSMAupInDSeqcf6inU2YU5sh1_XubR4NtPUAMteb4ZbMqQvIpKJ8S97To6hql1rxDcLvkxw6RAEUDPEYrCXEQItX_w02ZxRaNGQQUcN5lA4BzGkY9JEnyDdoC-x0q3rDELGCAN3GDDv83mh1QC21R2siHT-jDKNbjZC6mVfxVXR65s3iSsxh_W2vR2uIljSduLWwk0h4SLZm5WjnqWYGQx02Efa7zHPSGooxpbVRjollE8qPSX6r73w-9mliZqK19cxSqSPA7njphAhldPU_YY9p2lKmlQ0ZAkZuM4VdUIOitARox3J_6hplxjkSYP7BsI8YMhBdpKk-CkIZTlBqvgxvn0LA-VpWTxgWFrCv9Mfz-_z0ycyVfytO6Xw35ofNJU5iefLvQdEbjH97P5ZSy6seEe-ln90SQH1XE9o0qJaw781EqhyM2EWDegX5Flu6zWWzzgtEWVvHHDEUBkLYz67HzqRrnpVgPzIsTuSjNWa7c-1hYLK9x3e2RCUgSqw-AuSPNylpgiNw7Nwhxl9WBSM50eAQbRxhs0YKzymM7cALH9kfI-5U7aFBOfdylc2mw31v_3VZsKM5k-qeLYv4-3l7yYkVrfiM8KQLnIJDu3Fsph37OphqQoK0L_j_JGQDAvxDFJq4HTNL0eVoICv_BMl-VmRhG-Lte39qo5mxvZZlsG19L462lWgGzpDGukpmyifyWr5_ugcdBCHpFdrrNfMh13TP5FmoXKsuEZ8_62n-58JOA4F7Fi7vvCqNpfRHkQPxXOnuhnuk5FDAaOFXKhCk9aG_OjSSJJckF-JkTHV0lepDnV7if1Sx-blqyLc0ZMpsOeNap9g91EU3ePNs8OCQSbN_diluus_E0YwbXHK2PPnQuGJohRIy2BtiUqqjxOWLuP5yEJ-k-GiRFV31w4R-WQHzfmMvHY7pNZqavutVX52kaAWabXfbAaBPo06g1uKQC5gPfFNdJdp00CORAhC1pJQVYfU-eKzH3vfn6xBUuWF6dy6PCXow98CgH0EZRdgsmSRY47UyFKJTPHLoVrN8LjIRTTp4LYChGO6vW25T_kpMYroip_bJoVQTZHIPEoERsL2M2kLxhUaZhuJtDADR7j7Pm1cv14dNhuBH8EQL3abwDIO_mOpPbmKUbwPy-XHR6Q6LLKoGu2RIz9vgQTJCh6j1I0lJ8TsbcaGtvo5kc1EC9k0jBdRSdruSKwMU3BMMUQ5jGj0jeGK9sXsNyy6dvM8wxo9rZapmk1Kkj8mV4xIzhkUa6nj352MChHtLPOq0HZMy5TWjQMoh5q9u0lceWXpmRoBDTJB_Vc286ypLsK_5OJdvlfAs0JwrXnWnBriiEWBRKBCIabjoT7xbLom5_kyvpYLQC73SLWXzySYYcPCSyRIx6OF6tG44rItPq_OXvNlKvtQHqJ98mV4g4Fk3KNnT9xExvKJ7jNI9gnlmraiA5TIUx_c72vs4tFQ1N82kVd-xLEP7MRrU5QYvGvQKXrk3jJIFbPxlaHnoLBms-9oUeFlN7_N9EiHIiwETP-2kvg29usw64ABVbjx5_gNY5VCaYlvjG21Q3L4csTQrikGRShFVvAR7oWESvA2B3BMIRLGNefjH0u8tzGWlOjp4s0w5wnOEevNlGR2ZIR6hroPY5GtWv4J5P28ub79I19orznbAcDVFpmuGE5gnXelZAbMTqg_AFUc-ZrBxwM&cid=CAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow&rfl=1%2Chttps%253A%252F%252Fas-goal.site%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 15:24:58 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C0B 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 12:39:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1

43 B
894 B

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:31:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YNs87e.8SoeEOWi.KQs-ZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2

43 B
894 B

38ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 29 Jun 2021 15:31:57 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOHbodIXRZilJ-TuhYkg0A&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 45A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

43 B
1006 B

73ms
72ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNVMYL1qlFxbyng1jSelyUDWQa3uI5VZK7r3FCK1cUk3cjVMO0gc6MLrYo4uMV0Zs7U4BXKNl1ZaAbCmkaB8G_rewG-_tkNVN5M9ZRZ-REGcj-jPr8aiUmW7nLZMXpRV0_Ggs7YfIkhK5SQJrHVTX9_Yt0b1_99-ZZiLxci0bTcUaskoU64

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6427f937-3c5a-491c-b0c9-c9cb217e7f86
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB9omzeDKNxWSqg50OcYZM4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 45A0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
X-Proxy-Origin: 89.187.168.221; 89.187.168.221; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ad939ef7-15b7-4d29-819a-9c64f7e5f90f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2NTMwNTMyODMzMzc1NDY1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6B02 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 29 Jun 2021 10:28:06 GMT
expires: Wed, 29 Jun 2022 10:28:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK j7guwu45m6py Show response
hal9000.redintelligence.net/zone/ Frame 5C0B 11 KB
4 KB 115ms
38ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/j7guwu45m6py?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D
Requested by: Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 97687beb43215f6630ac8bcd2a547ba1965067d49a35adaca03674711129bd5e

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:31:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3935
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062408&jk=588773837464773&bg=!9fal9rLNAAYo4NJEKOA7ACkAdvg8Wo2_8RdBkbuwIZ6q43eLUAEOBukxOjx57QLXpYTLkriJzCXeWwIAAAEMUgAAAB1oAQcKAQJBLwwL814tVCxYITTxy9Qtt0NbYM9e1dACyW_pt6hjeRu2q8vkT0G9L4RrdQg7ASk_8VkqNDynlrgaujAhKsOSQouy9FWXCGcyS7tdu9bK5JNrgskkKFngCKLpTzhYmkmd21kyBQonm_YungM5FAVoUJZOFDFh2aVTUoBVHR8b0zyqgy7eoxZBxSc8Mp49qNPea4Jl9s8_ZznacLDCytA-RxCIC_qIR6M5qx1dK8vJXE3nbwzj0uZmlO-w6guXuCeEVJ9r9exa3M7W_iiNujnDqfLyCRUpZpYD5nhSCWmGSWmtJ7QikrHIMY7h7iRgqjmCBMeCH7a1yHNFLH9U131b4Y6ZAmalVIuplM8viJpGDW2EC0ejB8ipm3cK2zUs1kBDhDMwwP06NPFj-UUBmYS3LwUEgpbsIjDl2jGJoSyVUVniFIcK_kjdRx5vnbOhBc8BKpYvOV-HHH6GkN58ofXV87Z7BaUGfWLytQiOGncj5T6sTTLCJWLGTbhoa_AxeavwVtIYqwPs0sAh763Qm-cJP8j-lF9HAOzUAO4-grf0txebC2d7DF_eVxe57ZtriAJfAX4VvHWEWrvYBA1S2GFydHoXnNT-3_tS-CYCxrMXKh9F6by-FyKgt2SR2CqdSCmkRy7eD7YnQnxjkiq0DXLo6kWHFxYctNRogV1Fk_QJErHu9TkCfcW00z8qTMo2BnY0tIIHN6Ldf6yVchn_kwaIlMhgJgi6ZLV_lkZU5iK8_quYyCpkJ2FGxZX4vG7PfxFQZenvomMqItuizEntshgbrNGvkKtNMI6G1RQOC1d_HAkmNDo5uFJe5HoiULG2Ib1EFbEFPKpXHNvaZua7PupUHpSOIHWT10vClFFgcaS99bt6zezqlTywODV1Q9ddL0lmjgMqnMEX_dPdhA15g3xmE6YKM8Rgtepj2xBNJzXnSi81f1G4XBjPVgEYy4S8R0t0d3ZOOlzRI_dqAUdVZXgkVBQuvWig1ZBsI0UZuviMUVJKgyWk6biP0495PPRlv_3-CgcEBIg1mrh-xwIEifI_E0lyQVrgrtQFySiC2Jrv9tqB8d9twlgqhdmq0_QOevlWH6MVV7ABoEFVNrptCNwv-8Jw5PNyEKTgWlwUMPGzv6aVwHNWXIu3Q6cQ5p0paLz0XvePkrTkCKtWBA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://as-goal.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B02 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 10:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 10:45:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FA8 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA3JY7TzbYJ7PDqKGjuwPq_yWmAEAAAAAOAHgBAI&bg=!cXKlcjbNAAYo4NJEKOA7ACkAdvg8WqSSsGoFw2aG1wdTxG8873c43LiMwec2Y1Q-JjREcpmqE3et8QIAAAEYUgAAAA9oAQcKAJo8ZsyhexxGt1nm3bS37bwLKzGtsKGKY1Kw03MzSi0_p75TN_pHzdlP2Cv3-XDVGwyw5K68aCNVXLM5YyYBoXuEMhpSnVeEsIeRIZjKzxrAOOu0rveqDFRCXEH9ciOGcnvCoxmBywma3aNtyiZraBsszuXhgC1WZrVtDw73d5OzkVdrtY1P4-1nwGyQqnBQu4Zt10Hd74snHis_mQK84Ud_dLJjuc4M0BQUxJsueWOz92v3XVvZaSXlsaMvmYrnGL3goSC7kBpCFD4F3TDcIDpMNIxzpsMJC5Nx3JsDiT76bbxUeT6C9tGWWut8BRjZ_qDAVXFFmvrjLFzEkIgnGFNckLVX_OYbMhXJ0BAwviGrBh5awAfUOnO6QJlpntfJlDkf2yofKOWeQ4-oyulspVcKTXyiOwIvIfVITRti-CNPsje5r1nJucuHsSBh8MggtH5WFBexd8h_23yPR-7aVkxaQKirQlVhg0_dC6KYcvnV1AVl4eVfEK1aVMuMRAMm5ZB9wsl7rRFRiAxu0oNk_UnRvWOlvg5d2yECxERcTCP5cL1GqwP21ZjCWc6af5944_YtaPeFU_SAMVSd13PBjN2vLPcs1m3MaGEiqFKrviSovrCelDyitOy_ik95Xdcn2ApoZ8wHFs4zgqO2WX7ZnG9ruonZrEkej4RF7rm8V4MwL2byfE6IpBOn6ZDDksOYlAyc6cDxJLys79fRPyDi517ormcxGSz3I8IkTsXfvrAhJxho2kYgVyUbV38m-oq1UK3HqlZTCEXtVoWmWG99o9wBxcEhKKKQ7Vq1CNJBf3CHexAyfDiMZGRnL6Q2m0ch_VyEF8wbRnJ3R4XzWKHcsGu8QddP5AD2HDl5YQSR0NTszHHbzJZbZI1MWo46DDFLXr4OeBoiEQtUaRVqN9Ag4R3Zleq9rgsMkHP71MybFJ-JAzuLH5CvpE_r7dwn2FrE7GZbyAl3vElb4Ai63BdfVOEKElJS1LtyACGqOXC8Df1tkrJbcoSQ_jR9qUQzkk88-qUS3k3ntEPfhgbRzu_NNNwJtfHh9u9fmlNQbgoOOqjw5jDekkFuy43SsZELIBrZ2Nu-VCF9LgkC6nisLF6WaV5Gv_8s1wfsHgir8GPQlBf3NyzoYMDtvuzI2A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 5C0B
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
935 B

183ms
103ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D&documentReferer=https%3A%2F%2Fas-goal.site%2F&ancestorOrigins=https%3A%2F%2Fas-goal.site&random=8496224999187&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 90a42e071f396104e5922c4367fbb48085bb1c12d76a63da8f81dddfd7f4d529

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 39084700154555401084702011640007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Tue, 29 Jun 2021 16:31:58 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 15:31:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D&documentReferer=https%3A%2F%2Fas-goal.site%2F&ancestorOrigins=https%3A%2F%2Fas-goal.site&random=8496224999187&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 29 Jun 2021 16:31:57 +0200

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B02 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdkwY7TzbYJHmJ42PgAewiLXwBgAAAAA4AeAEAg&bg=!NzSlNHDNAAYo4NJEKOA7ACkAdvg8Wu0jvhgknxYxrakW2qXZdE6gdgcj-WJ1MJx9y1yn8Y9jOPTEdgIAAABwUgAAAAxoAQcKAIjYp-xWhEAgJBBkYu7YmCFYdcfiyAQbD553TPgeRXoF0rrFRbjBH0lcQp_ZR9tsw-HTLqH1APUY296qWHeReKdz4xnAg9zH0ZK4gGhCyvt8YmWvAsjitWMIwpdrp94XpwHHpIBKDQXOmQsGtQbA2VgQHn9voUYFLzDmInMe7RI4zvVcGpUmqaU2mQLAwRXip--twMJ8gqyDRpF9NKply_qfZdy1hoqkeON__1qaicUhrIEzXz7xUb8eCnb5qaAzx4q2n1HbbX528FURa_Jbu8qryKQeDCuxB846sN5WB0y1sdw6XxXEkWpjAuGhrpz4UrgI4cgl8bKO5HyEtA4AWBEhG0W13yodcbRGhPloKQDR9b61PeyWMee5wTaaMi3Ec3naI4oz711VhEnqTJ1jPD0wZHppwRdrnsGz43MqY45dJQR5OZg1zhFF0frhea21YaeeSZoSl46Pq1n1Js6ura6EVvnq9RKkQH0t_HGtEFwNnKpRTAqbsB9-dfpB50dvO_VYA0bUh4HQpvdOufz-2Hfoqa7PtOm-ehHxh1aEDSQg4RQMvkN2ZMl0doiY_h9zpByfN6_Lv92qZKfnCHUnWVT5JM93obtXyl1qrFnuF8oxO-ge2kicv3PyaEfBejUMqT1YirXj8Qi-Fd8abyjsVRTJJeGE55udETmJtFxh9S-bj1JREShgt3gXemylR8OTV3No9hRawAi7SxvJdTIZt9CZC2JGS4BWkSaagell4wmUkAEKjjaagwsn6A2thLDq4OPke3jBZAGAnB68Ctu5RQWtUFbo6VIcXy958lKZqIv9T0tJzAXsW0rGgxjnD4bXXZq0CcR-E8smMf8xbJ9sozvTSw-E5MwuTeSP_BOHYWlD972QmWgnHUNg20ONGrPeReua9d-wREQjoc4f83u1q2AUefN_WYd-BjugA9a9ydwr28aDGefPaznMzDtSwzNnxsUay0PBadDshLHadJAYWejK4_0yuJy_gqbgVJEKpLez17aFuXrK206_TkwDj28w9aiSQuCYMWiakC6BdYSMAAlR6iPl6l2uSn641WCqMo4iqvbOwz_J-X66YFgo0RkDBUFZh4TqZFO01tQfoKCUL0KW3tG1Fqp4PLKsgBs

Requested by

Host: f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
URL: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame D695 4 KB
2 KB 109ms
37ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=39084700154555401084702011640007&a=e7acdc2e
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=f5cb3a4c36&subid=&uid=33d9e64c136214e2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1DGT7TzbYMKSCY6_gQeazoiwB7XN-YNXzM-5q-UM8C4QASC52_MmYJUCyAEJqQKL6noP4vqzPqgDAaoE2gFP0N84TlfGO_yicYWXrXQ3twnsisdfiwnM-1QQR1Pzyl9F5kLORES0KtXWrQGF_y3_WMXXnCcqp_hZAlB7J-doE5WE2lBsvhK21eveojpkrl6tpFtn_tyDNVthpUvB0WCR_g6JP1sugCfhSeMDTCwhgui_V-xMp8Ybed4sKRoCwl9xHWKkP_hkjLX704r0LEXpMWCa5VhoVzvFEXveOVU46TU5mRPCnCrh0u4rPQZnjSQ1udPuTXbVz7TC5Je_FeGOdkd9SJp3HHU0q1JIpUpuURRE9C-N5UECTsAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00ODkzODY3ODc4MTg4NzgzgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoiX6WcaI9vsyZ6Jg7W8jKuiuoow%26sig%3DAOD64_3Jt9-QdKXdJn-ufytLE4TrXY184g%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-CXR3FjQ-JA8-5VFPq5OE9BEDa-Mxm79GvSwySRgP-dkXYkCTdRy4251n3dBBoPCNec_6jPkAbiKCbt0IDKZDwf8aGzv-UeuL_QQteDR1PYeoWHMHDQiJyAI0CL7vbB3T_94gQDcWk4Dkx7c8FKyRgR34wuag%26cry%3D1%26dbm_d%3DAKAmf-B_QiC972_fostoXj6IYmJtIOEQztHGB8nis8MM6o-1s0wMLeSgqAfsX6K99CFZMWYGqWBI2Mr8AdzehN6Vk_lEe71WL8d2_I-Q0TyX7iS8RmaM2ZUpYYtevwGPaDfhXbNya7hfzdY8qPo3lmeXNZdiHaETB8Wcnm2WVpoyzPpAkzRtq4zKomq_sIM6MVTbW2a2iXphC1QAiZfELIhpK-51qZ-1Ne0fjAHbJV5dsRH-2GB-FouakG5xgzfvCwruWXj2YdtIimKbw4TrIHHyJR11SWD5qupWy-_NT3-ZoF7kkDdlcHbWI8U7H3T6uJhOl4lfS9N2zt3030o7iaNGU8aYHTS2U4v7iLDLoDQ0HdZ1Dyppdq6cWgsRZ_oUp4C79AHheARzrPYZoXOJp1HPReo0fo-Ez5BIK-50AzJ2yK0tMtNpm0eInJTNyc5GimEMXLC15XkBB9aoKEmAmL7JdwjLIEMltQ%26adurl%3D&documentReferer=https%3A%2F%2Fas-goal.site%2F&ancestorOrigins=https%3A%2F%2Fas-goal.site&random=8496224999187&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fc109af3d0774408f44bf7e59a3918d95a936a2bb42cec082268d2cb71832389

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1e646d945ad17c58
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/

Response headers

Date: Tue, 29 Jun 2021 15:31:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 29 Jun 2021 16:31:58 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame D695 77 KB
77 KB 140ms
43ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39084700154555401084702011640007&a=e7acdc2e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:31:58 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Server: nginx
ETag: "5b55f217-1348d"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 78989

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame D695 0
150 B 118ms
39ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=39084700154555401084702011640007&a=f0d83c5f&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=39084700154555401084702011640007&a=e7acdc2e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90007.redintelligence.net/request_content.php?s=39084700154555401084702011640007&a=e7acdc2e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 15:31:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D695 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B610 42 B
64 B 33ms
17ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGxs20FRZMMxUT3aK8IW5Vccr2VBZj8hMBdwTnK6cTZ0XX8833PKkN8LyUfQ3SsUoyzSQJQ1GE9V_Xq4-5U-9XmDKfZra2RMOXCHH--sL8-H4ytELEgd8GAvcokw&sai=AMfl-YQdJGP6TI-FFlARUpyu9STubOA58Y7KfRIWdh9mBgpMCkjHg6SJK1DJI2WiUOPApQf7JdkNO3oSOZzBkx4tfP2YvftAAuslMydn4g8CqKdYBcaw6tkWYqIZK_rXRyEB&sig=Cg0ArKJSzEu7nAivsT3EEAE&cid=CAASFeRoiAz6JH1WLBO9tE5PzXV6570P8Q&id=lidar2&mcvt=1000&p=115,436,205,1164&asp=115,436,205,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2295158952&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624980717190&dlt=23&rpt=168&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:31:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b73db3884cabb8e89c3a7b05d585f3bf.svg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
1 KB 25ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/b73db3884cabb8e89c3a7b05d585f3bf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 15:58:50 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 30 Jun 2021 00:00:47 GMT

GET
H2 200 d06417b172417aef6815e6c350139607.jpg
s0.2mdn.net/9342312/1619625529694/media/ Frame 612C 3 KB
3 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9342312/1619625529694/media/d06417b172417aef6815e6c350139607.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9342312/1619625529694/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9342312/1619625529694/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 01:59:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 15:58:49 GMT
server: sffe
age: 48752
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2607
x-xss-protection: 0
expires: Wed, 30 Jun 2021 01:59:30 GMT

GET
H2 200 dc_oe=ChMI3vmr85S98QIVIoODBx0rvgUTEAAYACDjvctHQhMI7sWQ85S98QIVFF7gCh1ezg4c;met=1;&timestamp=1624980727668;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B610 42 B
515 B 150ms
72ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3vmr85S98QIVIoODBx0rvgUTEAAYACDjvctHQhMI7sWQ85S98QIVFF7gCh1ezg4c;met=1;&timestamp=1624980727668;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 15:32:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.as-goal.site/	1970-01-20 04:44:36	Name: __gads Value: ID=b39e82c7e2d1f4a8-2204d07c6fc80022:T=1624980716:S=ALNI_Ma_ti_sRLKPGQ6gkhySWv8zDNvzOA
.as-goal.site/	1970-01-19 19:23:00	Name: _gat_gtag_UA_60503330_36 Value: 1
.as-goal.site/	1970-01-19 19:24:27	Name: _gid Value: GA1.2.295412618.1624980717
.as-goal.site/	1970-01-20 12:54:12	Name: _ga Value: GA1.2.713928059.1624980717

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://as-goal.site
X-Frame-Options	ALLOW-FROM https://as-goal.site

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as-goal.site
cdn.contentspread.net
cdn.jsdelivr.net
cdn.staticaly.com
cm.g.doubleclick.net
d.adtriba.com
dsum-sec.casalemedia.com
f300344d70856a5c60d03886539dafa0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
memotec.xyz
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tv.as-goal.site
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
138.201.63.157
138.201.84.245
142.250.185.162
142.250.185.226
142.250.186.162
142.250.186.66
2.18.234.21
2606:4700:3034::6815:22b
2606:4700:3036::6815:1b69
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::2006
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a04:4e42:1b::485
2a04:4e42::649
35.158.186.240
37.252.172.250
51.75.147.170
094180f68277755a3a74776e416dc0a5bde0c7c498bbd9eeda3028f63685ff0a
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0f171e8575efc0a46ffeb141491010c10df898d4a817aa67be0e5427af89e932
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
1ed5bd7f793417742f3fc498fd91160f8f536435fdfef7340d7af1d9ea0216ac
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2e04c6f562dc4acf59b855f53f65f0359a49b7ab899c21a522a6bd7f50f1d86b
34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
396ba6baecc7e52df5599ffdc5f55c87c8969d7b4cde477f6ca9bda366e183ab
3a3e9c51bc7e499210595a21a2fb91c21c17b8f57655d3577e2e1edd2f78cdcc
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c18d25db06a7184e5a89272ae51b7e55367916839109d2bc25415a0ebbe0f86
4c300b3c2b03066424f6ca0b34b91ee8e372d67d0e9a376cbf14be081bf48653
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fe40a0fd2a9b337440874c1aad58bff0f153d952da7f83dfacb9303b6771350
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525664abdd2aff523cfb5e9c7a2bc242e482815f73acba82b46ee450ead3a4ca
526d8ec20ac4a7f4f45eeb52af8327bff355f3fe8659301791d9070826e88bef
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
633ff8da1bc38b48c5c96bf180889d32dc151df8ddc1e6b848c80762ef1e3250
66b9fca00e13d5641b8cc1eddd4c9888e93a26724f25683ac17450c836b05972
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71912cd1e6b4c89e035935fac8be6c9b8e91ce8b5d80fbd8aca09238572f4e80
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
7a5249886653b630dee050e6934a371610a6ab81243b36fadc37730c909eabc2
7bd866c02b8a60761c6d07dff1e1f96b109b43816eefa1b3558bc10b4bbafb19
84cfe81c7b675808917d7d014eef40275b0001364c5abadf15fc8cd27397bb5e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87a24719642024b46e06f46e98edb913b6eb6ca0f4a034330bee564cafaaf251
90a42e071f396104e5922c4367fbb48085bb1c12d76a63da8f81dddfd7f4d529
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97687beb43215f6630ac8bcd2a547ba1965067d49a35adaca03674711129bd5e
9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a
9e21d1f14994a263cfda9018dd11f035d792111ef036d9887db102107eec02ec
9f4169e5cd2390babf73e19454bb55339366d3e2fd85b462b33f9ab96137556e
9fdc88ccc0e10bbc87372fd245028d17169e9b3576713c2f20ac7fc90c3fa299
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a279d85cf5fa3ddaa85f2a50a79a738bfc711a65ffbdb1c1ad7d65cfc0f3ec0c
a49c18b08b36cf4c3a57f57f5d98024135b7ea6b3626d4067aef31ab1101d285
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad149986f04994085f915c8e6b4691f968637dd0ceeb792972be7fa33dba4e34
af3c481e09d4439764d7152ccb1067cf21c0067b850e9e59f23f8b9f2777d922
b02c3188904d9a620795cdfb4f391bbed769407887e41f3bbbf52766bbc22da3
b04c7dea40d8f0e0ef9b5561940becdedf9c2252691a5453d25f906ed94864c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8a2e83955a77d82c9fd99a3a9595609f8fc55b956262bb10102982ccdc02305
b906a0350b44cfd808dde5820202a7f08cfd61fc9cc72532f74fa4291cf065d9
bcc28cabdb870eb9d1397edfbedd60151959559bfe87be2cb75e09bff5ca41de
bd5d189901092f36d382a5cd39053f8c5aa2dbc40032dc3f539555ef6ce95280
c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798
c93497db1a0254b42f77ba6b7017100959bbe48618e8afd79ce923b1cd7a1510
ccc089ceb987ba6eb5cc978bb1960592ecdcd1ee186b399ca99bfc73bae390d4
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d432aad61128f2f38d033168c9efae0610fd108fdc311a9f70b8ecf73ce7c222
d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e500f39a8b6996962214b7bb2d37a9e52e3b36c3113279beeccba9168adffb3d
ebc367bcdd2873f80bae9d08b1d6316d0d158241e5f1a6ad843e094c8be6cb1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f178b64f0e2e2adb2f74a5879c4b8e68d0aad8b809760acbe8a0594d2c4fdfdf
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
fc109af3d0774408f44bf7e59a3918d95a936a2bb42cec082268d2cb71832389
fcde9d2b057fa20a1de9e117ff72b96dc112bf94956c0a3953e2ddffea4af595

as-goal.site Open in urlscan Pro 2606:4700:3034::6815:22b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

100 %HTTPS

68 %IPv6

20 Domains

30 Subdomains

32 IPs

3 Countries

1121 kBTransfer

2830 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

as-goal.site Open in urlscan Pro
2606:4700:3034::6815:22b Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

100 %
HTTPS

68 %
IPv6

20
Domains

30
Subdomains

32
IPs

3
Countries

1121 kB
Transfer

2830 kB
Size

4
Cookies

107 HTTP transactions
3 data transactions