www2.kusports.com Open in urlscan Pro
208.91.60.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www2.kusports.com/users/josephinecsanford/
Submission: On August 21 via manual (August 21st 2021, 7:10:30 am UTC) from US

Summary HTTP 399 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 59 IPs in 11 countries across 62 domains to perform 399 HTTP transactions. The main IP is 208.91.60.6, located in United States and belongs to NSIHOSTING-EQX-VA, US. The main domain is www2.kusports.com.

This is the only time www2.kusports.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	208.91.60.6 208.91.60.6	14244 (NSIHOSTIN...) (NSIHOSTING-EQX-VA)
95	208.91.60.7 208.91.60.7	14244 (NSIHOSTIN...) (NSIHOSTING-EQX-VA)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
1 2	34.254.108.170 34.254.108.170	16509 (AMAZON-02) (AMAZON-02)
1	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2600:9000:219... 2600:9000:2190:5000:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
1 4	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
46	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	13.224.96.7 13.224.96.7	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	52.209.141.213 52.209.141.213	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:215... 2600:9000:2156:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	3.20.200.22 3.20.200.22	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5 24	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
16 40	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
3	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
2	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 6	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
4 4	18.194.125.59 18.194.125.59	16509 (AMAZON-02) (AMAZON-02)
3 3	35.157.53.20 35.157.53.20	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2 3	52.215.67.80 52.215.67.80	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	52.43.92.3 52.43.92.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	3.67.233.59 3.67.233.59	16509 (AMAZON-02) (AMAZON-02)
3 3	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	87.98.242.60 87.98.242.60	16276 (OVH) (OVH)
2 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
2 2	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1 1	34.204.22.100 34.204.22.100	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.225.87.64 13.225.87.64	16509 (AMAZON-02) (AMAZON-02)
1 1	18.184.122.71 18.184.122.71	16509 (AMAZON-02) (AMAZON-02)
3 3	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
5	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
2	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.156.133.101 18.156.133.101	16509 (AMAZON-02) (AMAZON-02)
2 2	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
399	59

1 208.91.60.6 (United States)

ASN14244 (NSIHOSTING-EQX-VA, US)
PTR: ellingtoncms.com

www2.kusports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

95 208.91.60.7 (United States)

ASN14244 (NSIHOSTING-EQX-VA, US)
PTR: *.media.clients.ellingtoncms.com

worldonline.media.clients.ellingtoncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

cdn.includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.108.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-108-170.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

quizzicalzephyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:5000:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-7.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.141.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-213.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:a800:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.20.200.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-200-22.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.98.64.218 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.186.130 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.53 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.46.88 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.125.59 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-125-59.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.53.20 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-20.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.67.80 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-80.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.92.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-92-3.us-west-2.compute.amazonaws.com

j.mrpdata.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.233.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-233-59.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.242.60 (Saarbrücken, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.213 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.22.100 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-22-100.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.64 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-64.fra2.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.122.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.129 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

butterbulb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.133.101 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-133-101.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	ellingtoncms.com worldonline.media.clients.ellingtoncms.com	1 MB
89	doubleclick.net 16 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	956 KB
71	googlesyndication.com 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com 51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com	366 KB
28	openx.net 8 redirects us-ads.openx.net us-u.openx.net eu-u.openx.net rtb.openx.net	41 KB
27	googletagservices.com www.googletagservices.com	852 KB
19	google.com maps.google.com www.google.com adservice.google.com	169 KB
18	redintelligence.net 2 redirects hal9000.redintelligence.net hal900014.redintelligence.net hal90002.redintelligence.net hal90006.redintelligence.net	28 KB
8	google.de www.google.de adservice.google.de	1 KB
7	includemodal.com cdn.includemodal.com includemodal.com	16 KB
6	fastly.net includemodal.global.ssl.fastly.net	77 KB
5	yahoo.com 3 redirects ads.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
5	adnxs.com 4 redirects ib.adnxs.com	5 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	quantserve.com 2 redirects edge.quantserve.com pixel.quantserve.com	11 KB
4	sitescout.com 1 redirects pixel.sitescout.com pixel-sync.sitescout.com	738 B
3	contentspread.net cdn.contentspread.net	153 KB
3	rfihub.com 3 redirects a.rfihub.com	3 KB
3	googleapis.com maps.googleapis.com ajax.googleapis.com	64 KB
3	turn.com 2 redirects ad.turn.com r.turn.com	1 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	1014 B
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adsrvr.org 1 redirects insight.adsrvr.org match.adsrvr.org	774 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	360yield.com 2 redirects match.360yield.com	787 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	butterbulb.com butterbulb.com	650 B
2	adriver.ru 2 redirects ssp.adriver.ru	677 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com	1 KB
2	exelator.com 2 redirects loada.exelator.com	4 KB
2	onaudience.com 2 redirects pixel.onaudience.com	1022 B
2	erne.co 2 redirects green.erne.co	569 B
2	dotomi.com openx2-match.dotomi.com dclk-match.dotomi.com	208 B
2	adform.net 2 redirects c1.adform.net	924 B
2	teads.tv sync.teads.tv	344 B
2	servedbyadbutler.com servedbyadbutler.com	11 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	quantcount.com 1 redirects rules.quantcount.com	865 B
2	facebook.com www.facebook.com	388 B
2	google-analytics.com www.google-analytics.com	19 KB
2	cloudfront.net d2s8wlbatk24s7.cloudfront.net	35 KB
2	taboola.com cdn.taboola.com	147 KB
2	facebook.net connect.facebook.net	97 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	580 B
1	1rx.io 1 redirects sync.1rx.io	695 B
1	blismedia.com tr.blismedia.com	136 B
1	sharethrough.com 1 redirects match.sharethrough.com	355 B
1	smaato.net 1 redirects s.ad.smaato.net	426 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	730 B
1	justpremium.com match.justpremium.com	323 B
1	mrpdata.net j.mrpdata.net	75 B
1	simpli.fi 1 redirects um.simpli.fi	607 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	admixer.net 1 redirects inv-nets.admixer.net	565 B
1	adsafeprotected.com static.adsafeprotected.com	259 B
1	quizzicalzephyr.com quizzicalzephyr.com	30 KB
1	basis.net cdn01.basis.net	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	kusports.com www2.kusports.com	12 KB
0	adfrontiers.com Failed media.adfrontiers.com Failed
399	62

	Domain	Requested by
95	worldonline.media.clients.ellingtoncms.com	www2.kusports.com worldonline.media.clients.ellingtoncms.com
42	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www2.kusports.com 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
40	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net eu-u.openx.net 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com www2.kusports.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
37	pagead2.googlesyndication.com	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com googleads.g.doubleclick.net 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com www2.kusports.com
27	www.googletagservices.com	www2.kusports.com securepubads.g.doubleclick.net 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
23	tpc.googlesyndication.com	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
13	us-u.openx.net	4 redirects googleads.g.doubleclick.net eu-u.openx.net
9	www.google.com	www2.kusports.com 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com tpc.googlesyndication.com
7	eu-u.openx.net	1 redirects us-ads.openx.net eu-u.openx.net
7	adservice.google.com	securepubads.g.doubleclick.net
7	adservice.google.de	securepubads.g.doubleclick.net
6	hal900014.redintelligence.net	1 redirects 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com hal900014.redintelligence.net
6	googleads.g.doubleclick.net	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com www2.kusports.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
6	us-ads.openx.net	2 redirects www2.kusports.com us-ads.openx.net
6	includemodal.com	www2.kusports.com 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
6	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
5	hal90006.redintelligence.net	hal9000.redintelligence.net hal90006.redintelligence.net
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	hal90002.redintelligence.net	1 redirects 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com hal90002.redintelligence.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
3	cdn.contentspread.net	hal900014.redintelligence.net hal90002.redintelligence.net hal90006.redintelligence.net
3	a.rfihub.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	match.prod.bidr.io	2 redirects eu-u.openx.net
3	x.bidswitch.net	3 redirects
3	hal9000.redintelligence.net	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
3	pixel.quantserve.com	2 redirects www2.kusports.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www2.kusports.com
3	maps.google.com	www2.kusports.com maps.google.com
2	ups.analytics.yahoo.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	ajax.googleapis.com	hal90002.redintelligence.net hal90006.redintelligence.net
2	match.360yield.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	butterbulb.com	quizzicalzephyr.com
2	ssp.adriver.ru	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net
2	rtb.openx.net	1 redirects eu-u.openx.net
2	ad.turn.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	green.erne.co	2 redirects
2	pixel-sync.sitescout.com	1 redirects 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	servedbyadbutler.com	4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com servedbyadbutler.com
2	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
2	370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	rules.quantcount.com	1 redirects www2.kusports.com
2	www.facebook.com	www2.kusports.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.sitescout.com	www2.kusports.com
2	d2s8wlbatk24s7.cloudfront.net	cdn.includemodal.com includemodal.global.ssl.fastly.net
2	cdn.taboola.com	www2.kusports.com cdn.taboola.com
2	connect.facebook.net	www2.kusports.com connect.facebook.net
2	insight.adsrvr.org	1 redirects www2.kusports.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	tr.blismedia.com	370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
1	r.turn.com	370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
1	match.sharethrough.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dclk-match.dotomi.com	466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
1	maps.googleapis.com	maps.google.com
1	match.justpremium.com	eu-u.openx.net
1	openx2-match.dotomi.com	eu-u.openx.net
1	j.mrpdata.net	eu-u.openx.net
1	um.simpli.fi	1 redirects
1	match.adsrvr.org	eu-u.openx.net
1	sync.mathtag.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	ads.yahoo.com	googleads.g.doubleclick.net
1	51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.adsafeprotected.com	www2.kusports.com
1	edge.quantserve.com	www2.kusports.com
1	www.google.de	www2.kusports.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	quizzicalzephyr.com	www2.kusports.com
1	cdn01.basis.net	www2.kusports.com
1	cdn.includemodal.com	www2.kusports.com
1	www.googletagmanager.com	www2.kusports.com
1	www2.kusports.com
0	media.adfrontiers.com Failed	www2.kusports.com
399	91

This site contains links to these domains. Also see Links.

Domain
www.lawrencephotostore.com
seatgeek.com
shop.ljworld.com
ljworld.com
ischiasheilen.tumblr.com
boards.kusports.com
www.facebook.com
twitter.com
www2.ljworld.com
geo.itunes.apple.com
play.google.com
www.kuathletics.com
www.kualumni.org
rn12.ultipro.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
cdn01.basis.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-14` - `2022-06-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
quizzicalzephyr.com R3	`2021-06-23` - `2021-09-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-18` - `2021-10-07`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
includemodal.com Amazon	`2020-11-15` - `2021-12-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-18` - `2022-08-01`	a year	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.mrpdata.net Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
butterbulb.com R3	`2021-06-27` - `2021-09-25`	3 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 46 frames:

Primary Page: http://www2.kusports.com/users/josephinecsanford/
Frame ID: 2C1289C836BA4EC825535730F63D5D7C
Requests: 142 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: B1C1B7F920816E3590604F23CF97C716
Requests: 1 HTTP requests in this frame

Frame: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA7A506622D53789F33863EED433BD89
Requests: 1 HTTP requests in this frame

Frame: http://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 88D13E806BB715C0A0B1E18C7FA068E6
Requests: 14 HTTP requests in this frame

Frame: http://includemodal.global.ssl.fastly.net/pw.js
Frame ID: C6856ECCF3543F91378DDF6D58707488
Requests: 17 HTTP requests in this frame

Frame: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FF3EE206F89AE6F2E42966533A1999C3
Requests: 1 HTTP requests in this frame

Frame: http://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 23FACF863761D06DFD6CA876961E8315
Requests: 16 HTTP requests in this frame

Frame: http://includemodal.global.ssl.fastly.net/pw.js
Frame ID: B41B554759F5039B88C929589A6744B0
Requests: 16 HTTP requests in this frame

Frame: https://eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AE6AB00B5604BD4424314C50BF1F61CF
Requests: 1 HTTP requests in this frame

Frame: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B5D6D8E688CE59B923127A340CB1B258
Requests: 13 HTTP requests in this frame

Frame: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E797BE23D1EF030D7C52B1B0E2F41515
Requests: 1 HTTP requests in this frame

Frame: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9641FA39B81617FD6F76FD1FD40F5DB4
Requests: 1 HTTP requests in this frame

Frame: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 709AB7DA475E92A9532271D986E0A244
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssckKm76yR5ltkP_i-v9rpi3avCzdo9WmEFvz1XQcN6td4yQTyQ8StAGUTFUvD4BKMd7oGRK_tV5gb9H9mbmy15-ZjvpyS6Hg6wQvMMgGLBsvbAsREhyWBYY4IyfP6pT6zL_7rsFuk6G7-zycFanfhd29lF--BoYuY9qQXND3W5VZTqavW4WjtUZQ5ZsTw4csWo_Ie7XUAuBJLwWaDTem5ts5ncMqPEyrW3HZhn11c_oQNpbnZi52xo-RWVH89xhjO6_QC1iqMLcaRs1J72G-D2K6pMYkv0Is-XFEujKUXCSntWVSlrasz-4YFKQ_jhq3TQcK2TBRexEQYxP8e_&sig=Cg0ArKJSzKzbWFSi87usEAE&urlfix=1&adurl=
Frame ID: 58F734533E8849E31648A58985C35AA5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNWqV72EwfnJSxjel6bjjqqQpnFHLAYr7J06SlBqLQfWFIpLbEbqkpEg8LPNFAHCn7G3u4hA8Hv3JMi75LpdnA9zho-EInltZIDe1db7In9o_KKhApyTUC2WcQ7iMsXKP6klD45aXVNd1P1Coi15OgFgS5VBEx397h8n8lMz-ZwAGmX-X2pRttUD92Re9an-y7BHPoswWHaEbfvBe8r3dgfLXB_dmg
Frame ID: BAF171F0D33D776A66E90AF264D61836
Requests: 5 HTTP requests in this frame

Frame: http://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 36C9411B435F6245716E45199D855BC4
Requests: 16 HTTP requests in this frame

Frame: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4FBA9FA07903D1D3E656974422EE928D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E22C621CB27BF5934C82E4A6CFBB6000
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ
Frame ID: 7AEB586B742A414A3C8B82C9E5F566E0
Requests: 5 HTTP requests in this frame

Frame: http://www.googletagservices.com/tag/js/gpt.js
Frame ID: F36ACA91A1B02D1BB1C7F7C5DD6173D3
Requests: 13 HTTP requests in this frame

Frame: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7D13AE9D77AC084255FD9A335427BE2A
Requests: 13 HTTP requests in this frame

Frame: https://cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9DE0D753994FFA1CA52E46C739A9DF70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNULrgx9SXX3BQs-tKADfzMl7eGsB-O25sgchjr3qeX1IGDfcZ-CrRkeZHYRzGWvxaOymtNG0CDkES99i6XtsAeQj1X9PV9htDEfAhEaeReCZZMeqxZvDX4u4gQY7AGlSKjilEX29Dk6YvBHiofeW5HGIY9fAsvY7lnm28UaUw4U94QVsVd-Fjuc4nFKzNfaPunqjjU3f-tyKrvjyfyjCd0t5MJGRg
Frame ID: 9E2DFCE9D2EB12C47A5B40B26266E29B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6AF62D19EAAFBCAB214615FE5FDB372B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B5FC8EB334BA23E0CA0B69014B4FAC5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8481FEFA26A1A58116F93AD2C18AD8CC
Requests: 3 HTTP requests in this frame

Frame: https://51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3C491422A56CE4B4FE03B693CE6DFEEF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst75abrMWfuJCc40T8Sx3wLZlEpfjMgu3aTUMzdJSDJHPCOQ-7IagHyrp6bn2UOtbFHOLs9yuxvQcv-1TdYQM_coAQFhWP1SVD1ng0hkGY50FWLZO2yBnbMrz2R6a8nFa-MiVa-EXNwiYRDgzdQW_Gnk78yDnS-qMy3ItCi5gNou4GxbR5G87CqmpZ6WDlYy2hGWXzZx1qkjQ1VqJcVV_ADEBp_hFuGe3_TcTT8bLp8X4c4esoDwsgmpgLSaTpxY1_mnjPTtKf5uMElmRPgAlwkjslYt5XF2zltAibJpA91KMLWKj5cmbBCYEa5DXBw5juXwY1FD6J56pSOVQx3&sig=Cg0ArKJSzL1k8k6B307AEAE&urlfix=1&adurl=
Frame ID: 181A2EE96351322780BDC71095002EBD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 85AC455FBEF8D126F41C86F6B9234389
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1273B5F474D74BB50456B30A16B218C5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDGU7qlaXWILMEoCC2SznRHZYkdJfQlP9iCdz6tDhCnGL55QdSLOSDxyYzBHfRb4YhqUFeUYxWqHT5p4QHpxRF4jLru01JAxh09u1h_Ui-bJns7rJ4Dn-HDeBQoYq2PGO0xUYS-BAPasVxTzbFnxAE0PqmB22r9LoFuCIE6sI8-f1EyC7SHGM-TILtDEZwne1L-02ZDgmL1-YwJEKK5PMraS9WXbmCb9LbM_zAS2LFb00gmjUJOVHb9goMdmeA1TOdPmlY51-jZ6ytAgSv7AYfmi_tRn4h4IGAukdP688KcKzmUiE87QhRDreSvHWWVwzaOXESbEwCtTLwGv5t&sig=Cg0ArKJSzD6kVZkDGF9ZEAE&urlfix=1&adurl=
Frame ID: DCE1393E64C400534FB06FC19C7B09FA
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3EBB6F2824C6DA952CF3EC9151DDCA17
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 494FEDD67E6B1ABD013EB9C937545E00
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 0CE49EF9F50352BC18E60644CF65FAE0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4DAFD75ED3F94B1B0517A49518F85AF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32B6A56DAEA9A2E31BB9D40462A592EE
Requests: 1 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Frame ID: FF4627E0CD6FB070D61B3EC46E48DD99
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7D7DD416A3258315E870861ED157BAD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DE31CE3F3969DFEEE76974C2169B417F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96DE6F91A36A611B6723EA7BD88BE32C
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98
Frame ID: 65E596DF5DC30CAE02E686FEE64F8AC3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B04BCC2616BC5DDFC218C8A2658DFF2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 779EC8C2FDC4109A4E6FAC0B7A5813D9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAA7A0C42AD0A4762F83C56D7E18B77B
Requests: 1 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Frame ID: 6D369B608C5BCB76E139D15496F0641A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FAD42864634C556D9D6FE8E0800151B6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User profile for josephinecsanford | KUsports.com

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /swfobject.*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

399
Requests

69 %
HTTPS

33 %
IPv6

62
Domains

91
Subdomains

59
IPs

11
Countries

4637 kB
Transfer

10543 kB
Size

0
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lawrencephotostore.com//
Title: Sponsored by:

Search URL Search Domain Scan URL

URL: https://www.lawrencephotostore.com/

Search URL Search Domain Scan URL

URL: https://seatgeek.com/kansas-jayhawks-basketball-tickets?aid=12341
Title: Tickets

Search URL Search Domain Scan URL

URL: https://shop.ljworld.com/
Title: Shop

Search URL Search Domain Scan URL

URL: http://ljworld.com/
Title: LJWorld

Search URL Search Domain Scan URL

URL: https://ischiasheilen.tumblr.com/
Title: https://ischiasheilen.tumblr.com/

Search URL Search Domain Scan URL

URL: http://boards.kusports.com/
Title: Message boards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KUsportsdotcom/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/kusports/
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www2.ljworld.com/news/champions2008/
Title: Self-made Champions

Search URL Search Domain Scan URL

URL: https://geo.itunes.apple.com/us/app/kusports.com/id389444893?mt=8
Title: iPhone App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.whiz.kusports
Title: Android App

Search URL Search Domain Scan URL

URL: http://www.kuathletics.com/staff.aspx
Title: KAI directory

Search URL Search Domain Scan URL

URL: http://www.kualumni.org/chapters/watchsites/
Title: KU Alumni Assoc. Watch Party Sites

Search URL Search Domain Scan URL

URL: http://boards.kusports.com/ubb/postlist.php?Cat=&Board=football
Title: Message Boards

Search URL Search Domain Scan URL

URL: http://boards.kusports.com/ubb/postlist.php?Cat=&Board=basketball
Title: Message Boards

Search URL Search Domain Scan URL

URL: https://rn12.ultipro.com/WOR1007/JobBoard/ListJobs.aspx?__vt=ExtCan
Title: Jobs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

http://insight.adsrvr.org/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3 HTTP 301
https://insight.adsrvr.org/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3

Request Chain 92

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 121

http://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js HTTP 301
https://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js

Request Chain 122

http://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=kusports.com;je=0;sr=1600x1200x24;dst=1;et=1629529796597;tzo=-120;ogl=image.http%3A%2F%2Fworldonline%252Emedia%252Eclients%252Eellingtoncms%252Ecom%2Fstatic%2Fkusports%252Ecom%2Fimages%2Fkus HTTP 301
https://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=kusports.com;je=0;sr=1600x1200x24;dst=1;et=1629529796597;tzo=-120;ogl=image.http%3A%2F%2Fworldonline%252Emedia%252Eclients%252Eellingtoncms%252Ecom%2Fstatic%2Fkusports%252Ecom%2Fimages%2Fkus

Request Chain 123

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&c9=

Request Chain 191

http://us-ads.openx.net/w/1.0/jstag HTTP 301
https://us-ads.openx.net/w/1.0/jstag

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1&C=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOYd1zn19OTyGHStJNrppuc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOYd1zn19OTyGHStJNrppuc%26google_cver%3D1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM5MjE5OTU1OTUwNjIzNDc1Mw%3D%3D

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1

Request Chain 260

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkNGJiMDMtYWY4ZS0yYjIxLWU4MGEtMjQzMjQ2MTc2NjUz

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOeXn2rKyZsVAkFWUDS5qQ8&google_cver=1

Request Chain 274

http://us-ads.openx.net/w/1.0/jstag HTTP 301
https://us-ads.openx.net/w/1.0/jstag

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1&__user_check__=1&sync_id=cbe58746-024e-11ec-ae0e-124172220206

Request Chain 279

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=cbe3611e-024e-11ec-a480-13ae17dc0406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2JlMzYwYjUtMDI0ZS0xMWVjLWE0ODAtMTNhZTE3ZGMwNDA2

Request Chain 303

https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=6275588517658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=6275588517658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 311

https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=9286033183112&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=9286033183112&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 318

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mURpoACe1Mhl8H5

Request Chain 319

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3De73cc95f-1c4d-417a-9ac9-09c17c284d28%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=aed855e295a24345b58b609974d61e91&ssp=openx&bsw_param=e73cc95f-1c4d-417a-9ac9-09c17c284d28&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e73cc95f-1c4d-417a-9ac9-09c17c284d28

Request Chain 320

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=430756923113943313

Request Chain 321

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSERrN0NRVTRBQUJ0Umd0aUV3UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 322

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54ae6120-a6c7-4900-8042-deee980c98bd

Request Chain 323

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wvB8GpX3LR3Z934SlqdjS830eRzZ9CtPkaPPyG2d

Request Chain 324

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5741604668726927189 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5741604668726927189

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1

Request Chain 328

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=018A0C2FFC804A8CA33ED2C9E972E375

Request Chain 331

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

Request Chain 333

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YSCmxwADwgOS9gAC HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC

Request Chain 334

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=VjHM87CS5t4SgGfQ2e0TXWPt&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVjHM87CS5t4SgGfQ2e0TXWPt HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DVjHM87CS5t4SgGfQ2e0TXWPt HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DVjHM87CS5t4SgGfQ2e0TXWPt&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=48188fea718063be8cb88a5fd79c256e&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVjHM87CS5t4SgGfQ2e0TXWPt HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVjHM87CS5t4SgGfQ2e0TXWPt HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt

Request Chain 335

https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8497420421200697376&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 336

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=d-3i9c9_zKsbnjI8X-ySiQ==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 352

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMwsElIgBXTVJTDO_6AwA7g&google_cver=1&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMwsElIgBXTVJTDO_6AwA7g&google_cver=1&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs&prevuid=03030003_6120a6c8863a9&knw=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs&google_hm=MDMwMzAwMDNfNjEyMGE2Yzg4NjNhOQ%3D%3D

Request Chain 353

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESELfbXD5esXMjz25O9mqCev4&google_cver=1&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0-bX7WbKsRLbDed1eNnnu995T2TE2Fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0-bX7WbKsRLbDed1eNnnu995T2TE2Fw&google_hm=QXdZVy1KZVcyUkRpbkFjU3k2NkQtWlE=

Request Chain 354

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENiBkoILR88hDN58OLZSrlE&google_cver=1&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1NDPVfhu2ic1qQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6VTdBnGmR3Zr4Rcni9wYdVJmE4g&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1NDPVfhu2ic1qQ

Request Chain 355

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHdivVpIS0Sesvo_knr_TBs&google_cver=1&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA&google_tc=

Request Chain 356

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEM8DF5vi6bN_TO0KlowYuek&google_cver=1&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6hASGj7L1F8KWvRxEaZ3w2WY1WlW-_5gjG4ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YmIzYzJjYTctNTI4Zi00ZDBjLWIxMDEtYWFiODM3NzhhM2Yz&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6hASGj7L1F8KWvRxEaZ3w2WY1WlW-_5gjG4ww

Request Chain 357

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=

Request Chain 376

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAeF1MZgNFd1BO718kq3Hik&google_cver=1&google_push=AYg5qPKfbjF3vBK1PHuyCvw-AhYsWRlpcgu_vAj1hg_FWvsswKwMJB5bJ1QQg6Xs96tWoQQ0T088GPd03Nl3WWsZViJOGu5HU-6i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYzODcyMTk1OTAyMTA3NDQ2NA== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=ODYzODcyMTk1OTAyMTA3NDQ2NA==&google_tc= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEIfavHZ7arJblrWM-YWPBIM&google_cver=1

Request Chain 379

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIjJLpSMx_Ul3cG69OD22AU&google_cver=1&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1NzkzMw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1NzkzMw%3D%3D&google_tc=

Request Chain 380

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEU1v4_F99RwQVIcnDaqNr0&google_cver=1&google_push=AYg5qPJXwyd6x7GZ1P_RHUquvO1htF4hGV552_CueAM9Ai_ZDjKod3G6o4zXaGI46ozNSo0uO4b1umgUGo35aXYcJycK1rR1qS2X HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEU1v4_F99RwQVIcnDaqNr0&google_cver=1&google_push=AYg5qPJXwyd6x7GZ1P_RHUquvO1htF4hGV552_CueAM9Ai_ZDjKod3G6o4zXaGI46ozNSo0uO4b1umgUGo35aXYcJycK1rR1qS2X&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RRWS0OcnTzqNqTC4AU3QXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXwyd6x7GZ1P_RHUquvO1htF4hGV552_CueAM9Ai_ZDjKod3G6o4zXaGI46ozNSo0uO4b1umgUGo35aXYcJycK1rR1qS2X

Request Chain 381

https://match.360yield.com/match/ebda?google_gid=CAESEK4C2DQG-AThdx43ROQImIc&google_cver=1&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEK4C2DQG-AThdx43ROQImIc&google_cver=1&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw&google_tc=

Request Chain 382

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=

Request Chain 398

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6RhjPCcHJGYrRsRGkL4von6pKEz5nCXL3oFWzDl3h0Lf-CB-QI48kEMU HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6RhjPCcHJGYrRsRGkL4von6pKEz5nCXL3oFWzDl3h0Lf-CB-QI48kEMU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dWs2NlV3UlkxTWhsOE01&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6RhjPCcHJGYrRsRGkL4von6pKEz5nCXL3oFWzDl3h0Lf-CB-QI48kEMU

Request Chain 399

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJnVF2Z_rP2l5zQXmwawky8&google_cver=1&google_push=AYg5qPKihcSsC3jZKIf0IWDv1494Hrzb6-LwXd7uPnzwlmZ6ThWn1daf4MvlV_GrGajLbrZMHA_0ZZoyxG3UjC96UWVlVv3HDwI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnVF2Z_rP2l5zQXmwawky8&google_push=AYg5qPKihcSsC3jZKIf0IWDv1494Hrzb6-LwXd7uPnzwlmZ6ThWn1daf4MvlV_GrGajLbrZMHA_0ZZoyxG3UjC96UWVlVv3HDwI

Request Chain 400

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESELfbXD5esXMjz25O9mqCev4&google_cver=1&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK5XIG593yYPsN_jO9U3myh5mgnId7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK5XIG593yYPsN_jO9U3myh5mgnId7A&google_hm=QU5uUUVKYTlvbFZ3OVZhYUM3V2J6anc=

Request Chain 401

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFOSTvY5HDwbQ9I6NXQQRlY&google_cver=1&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFOSTvY5HDwbQ9I6NXQQRlY&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw&google_hm=YkVVU1ZzelJ1aVNPem1Cc0tpVW4=

Request Chain 402

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF14ieaJxE9_A6DecCJoTaQ&google_cver=1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e887bdba-2eb9-4635-bb24-038934586fe8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w%26google_hm%3DA-iHvbouuUY1uyQDiTRYb-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g&google_tc=

Request Chain 403

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPfT_KCp9HgsDE81oRw94BM&google_cver=1&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe9oF8oSoI6qZs9iuR4fDbjAuo8 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPfT_KCp9HgsDE81oRw94BM&google_cver=1&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe9oF8oSoI6qZs9iuR4fDbjAuo8&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00QW9qSnBaRTJ1RWlWSzJ2am9VN2RRNGNhcnhGWUpoMn5B&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe9oF8oSoI6qZs9iuR4fDbjAuo8

Request Chain 404

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpaUO-in HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpaUO-in&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==

399 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www2.kusports.com/users/josephinecsanford/ 51 KB
12 KB 467ms
203ms Document
text/html 208.91.60.6
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL

http://www2.kusports.com/users/josephinecsanford/

Protocol

HTTP/1.1

Server

208.91.60.6 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),

Reverse DNS

ellingtoncms.com

Software

nginx /

Resource Hash

42148095370337e7a3fc885f0a3e4520322e0e21bff085456fcedb10373603aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www2.kusports.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding, Cookie
Last-Modified: Sat, 21 Aug 2021 07:09:14 GMT
Expires: Sat, 21 Aug 2021 07:10:14 GMT
Cache-Control: max-age=60
X-Beatles: ellington-app-16
Content-Encoding: gzip
Content-Length: 11835
Accept-Ranges: bytes
Date: Sat, 21 Aug 2021 07:09:53 GMT
X-Varnish: 3382633312
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Cache: MISS

GET
H/1.1 200
OK min.css
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/ 183 KB
183 KB 210ms
195ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/min.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 3d313e573148b8aa541b772ed63b36b5b05520fd0ca9e20dce848bb65916c1ce

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Mon, 16 May 2016 19:57:42 GMT
Age: 17
ETag: "1042492297"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187511
X-Cache-Hits: 2

GET
H/1.1 200
OK apps.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/ 2 KB
2 KB 241ms
227ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: e678f057332a81514ac9719a101737d107488a36cdfa6b612799283695492545

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Tue, 14 Jun 2016 16:15:26 GMT
Age: 17
ETag: "1793899651"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1921
X-Cache-Hits: 2

GET
H/1.1 200
OK core.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/ 19 KB
19 KB 207ms
193ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/core.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: d80e5177d7cc173424caf8c3a5a3d5f260123d61ae92678b1a3e9a6bbf99ada5

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Thu, 18 Feb 2016 18:23:54 GMT
Age: 17
ETag: "1706498810"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19234
X-Cache-Hits: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
36 KB 24ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQ7KXJ6

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a2eb5d311d6bb2660277bee125d79e12e0eb9d6e5b8bbd162cd885234b8e949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36404
x-xss-protection: 0
last-modified: Sat, 21 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Aug 2021 07:09:55 GMT

GET
H/1.1 200
OK print.css
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/ 481 B
788 B 546ms
545ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/print.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 1b67d92a3588252269bc6cdeca8fbfccb5446d70e0cfcdcdaf78898d815d9c62

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:50 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:32 GMT
Age: 7
ETag: "2537664774"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 481
X-Cache-Hits: 2

GET
H/1.1 200
OK forms.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/ 5 KB
5 KB 237ms
223ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/forms.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 8fda2396e315276e1fc4e8fe3a0a265fdfbfdb0e45f8005d142b78015a76503c

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "1187713669"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4718
X-Cache-Hits: 2

GET
H/1.1 200
OK containers.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 9 KB
9 KB 208ms
194ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/containers.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 3752258f545f1cd6c4be6593f9f64ec4eb2d377b8d7e5ce52a1b908d9dcf1875

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Fri, 28 Aug 2015 19:45:38 GMT
Age: 17
ETag: "2520653564"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8980
X-Cache-Hits: 2

GET
H/1.1 200
OK comments.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/ 1 KB
2 KB 207ms
193ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/comments.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 9f0e38142f0b67f679d1eaff046562070e44443234a81c1f313f6d0ff41e6f86

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "1665733583"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1233
X-Cache-Hits: 2

GET
H/1.1 200
OK news.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 5 KB
5 KB 324ms
118ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/news.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 34983bb02be1afc41c4bd28a7bf5f89d84138fc3d37b09ad61d3fbe680fc466e

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "1135088283"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4813
X-Cache-Hits: 2

GET
H/1.1 200
OK destinations.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 4 KB
4 KB 362ms
155ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/destinations.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: feeab718072b4a4d047a582abb7dede4ee9f8ee0b3ba36cfd6828a5afa78c572

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "3601797957"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3789
X-Cache-Hits: 2

GET
H/1.1 200
OK twitter.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 3 KB
3 KB 311ms
103ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/twitter.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 06ea3f6c711322097aef91b87415a2b67cdacce2b8a08baf5129935fed10591e

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "304747337"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3140
X-Cache-Hits: 2

GET
H/1.1 200
OK videos.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 2 KB
2 KB 393ms
157ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/videos.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: fcf8a02102c695c381e74234f4a4bdf158f63d9c405697970f46816e572550bd

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Fri, 07 Nov 2014 03:45:54 GMT
Age: 17
ETag: "748043333"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1774
X-Cache-Hits: 2

GET
H/1.1 200
OK weblogs.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 3 KB
3 KB 432ms
130ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/weblogs.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: deea56467e818b9345873eec410a3e53c1be3a1ea2f4f3486a42e8ff64534e6a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Fri, 28 Aug 2015 21:34:33 GMT
Age: 17
ETag: "584843429"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3039
X-Cache-Hits: 2

GET
H/1.1 200
OK activity.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 2 KB
2 KB 414ms
103ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/activity.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 6ff6c41c1b3e156f7f83074f774356106087b7149eb7fa198673d2c50eaa9490

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "3324842763"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2098
X-Cache-Hits: 2

GET
H/1.1 200
OK tagging.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/ 492 B
800 B 427ms
104ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/stylesheets/apps/tagging.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 4af952994baa0cdd0cee4927dbb7f207a7a28f34bd4b748f4cf5ef30c9a6cde4

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:07 GMT
Age: 17
ETag: "1798324929"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 492
X-Cache-Hits: 2

GET
H/1.1 200
OK comments.css
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/apps/ 7 KB
7 KB 497ms
104ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/apps/comments.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 8eb0885d968635a6e7a706c190c00a8a6f1d88f0b528201eec558e441395d7f8

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:32 GMT
Age: 17
ETag: "3476462056"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6878
X-Cache-Hits: 2

GET
H/1.1 200
OK ugc-photos.css
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/apps/ 1 KB
2 KB 520ms
106ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/apps/ugc-photos.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 3023b8c8a44629993a179f9b49e46244f8d9ec755e3068d1532bb48c0235ecd6

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:32 GMT
Age: 17
ETag: "2256181310"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1320
X-Cache-Hits: 2

GET
H/1.1 200
OK menus.css
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/lib/ 917 B
1 KB 532ms
105ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/stylesheets/lib/menus.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: edce0f5742c946e7271ad95325d3ab2c2ad012adc0a790e52b69c04a37a6a9f7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:36 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:32 GMT
Age: 17
ETag: "77644060"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 917
X-Cache-Hits: 2

GET
H/1.1 200
OK core.css
worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/ 79 KB
80 KB 535ms
104ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 8a215ebe4733750286ea1780bcb0c9500c96aa14ebf1abe588193e76b7763f1e

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:11 GMT
Last-Modified: Wed, 09 Dec 2020 18:24:09 GMT
Age: 102
ETag: "1844968605"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81138
X-Cache-Hits: 3

GET
H/1.1 200
OK apps.css
worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/ 31 KB
31 KB 600ms
104ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/apps.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 8e3c124520f136bd31f51db7504c41590e86a39c13e8ea479547e2c2cdfeb0db

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:36 GMT
Age: 102
ETag: "1520510295"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31687
X-Cache-Hits: 3

GET
H/1.1 200
OK activity.css
worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/ 3 KB
4 KB 631ms
133ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/activity.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 1e6d070b6dfc55e901e9280547ca443bf3089030043408df167cf7ae5b1025c7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:37 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:36 GMT
Age: 16
ETag: "3857257241"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3397
X-Cache-Hits: 2

GET
H/1.1 200
OK inlines.css
worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/ 4 KB
4 KB 623ms
104ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/inlines.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 71f59d13d69d502b117d87f28fa286757c478447b06f87d4b02c44361c4a4855

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:37 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:36 GMT
Age: 16
ETag: "4142142171"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4281
X-Cache-Hits: 2

GET
H/1.1 200
OK js Show response
maps.google.com/maps/api/ 135 KB
44 KB 44ms
36ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.google.com/maps/api/js?sensor=true

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

8b1534cfd26c623f8770751704410b0aec0bf66123bdaa9154feba3802c01865

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:54 GMT
Content-Encoding: gzip
Vary: Accept-Language
Server: mafe
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Server-Timing: gfet4t7; dur=22
Content-Length: 44916
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:39:54 GMT

GET
H/1.1 200
OK min.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/ 455 KB
455 KB 725ms
134ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/min.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 3fde16febe487398469364de1dad7fa7640a9fb9dfe2c109c616d6df38d91ba6

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:37 GMT
Last-Modified: Wed, 03 Jul 2019 17:07:33 GMT
Age: 16
ETag: "116644464"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 465974
X-Cache-Hits: 2

GET
H/1.1 200
OK prerolls.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 8 KB
8 KB 728ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/prerolls.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 6dd9c52de77964061f706c1650a89766e99348f63be12b7b6467970bb34ccfbe

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:37 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 16
ETag: "653136474"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7870
X-Cache-Hits: 2

GET
H/1.1 200
OK swfobject2.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 9 KB
9 KB 747ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/swfobject2.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: aad4f11790ae41d11a7c7bb613b9f82206f37eb4894966fe15e5f880c5d9b72a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 16
ETag: "853807514"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8868
X-Cache-Hits: 2

GET
H/1.1 200
OK jquery.template.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 6 KB
6 KB 794ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/jquery.template.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 4d64cca2d081e3574a789840fb2d888796a38e8a6cb8c09df541c03a7c2fe627

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 16
ETag: "1164776152"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5917
X-Cache-Hits: 2

GET
H/1.1 200
OK quicksilver.score.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 3 KB
4 KB 1102ms
353ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/quicksilver.score.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: b2c4af40afb1e40563e65b50bf08c21a4b1543fab3050440be96974445edf7dc

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 16
ETag: "90706754"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3457
X-Cache-Hits: 2

GET
H/1.1 200
OK jquery.livefilter.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 963 B
1 KB 1117ms
327ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/jquery.livefilter.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 0bb5eb51c0ee0972c3b2b6ebf6bcb3b0c1cbb7c4c93b0acd442110005c1c3289

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 16
ETag: "2610385626"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 963
X-Cache-Hits: 2

GET
H/1.1 200
OK jquery.carousel.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 5 KB
5 KB 961ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/jquery.carousel.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 0d35142f32786296129b89d4acaee1ff5201114af38d139b384412fa38777d7a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:38 GMT
Age: 16
ETag: "3492287122"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5224
X-Cache-Hits: 2

GET
H/1.1 200
OK map_maker.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/maps/ 5 KB
5 KB 1341ms
380ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/maps/map_maker.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7ac61bbd491ea91981ae5f8c99a162d2cf7f6836e80e2283448ae4c29fdf2420

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:38 GMT
Age: 16
ETag: "3242463942"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4836
X-Cache-Hits: 2

GET
H/1.1 200
OK onload.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/ 2 KB
2 KB 1133ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/onload.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: ca29fa98b9edf564b5abb0a0f06c7fc1658a5db5ac05759183e34f44a58db9eb

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:31 GMT
Age: 16
ETag: "3799685163"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Cache-Hits: 2

GET
H/1.1 200
OK yahoo-dom-event.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 31 KB
31 KB 1157ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/yahoo-dom-event.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7e2ed03bbc185372cb541663170321544300747ae296389772dc8f722551eb3c

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:38 GMT
Age: 16
ETag: "1851860393"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31636
X-Cache-Hits: 2

GET
H/1.1 200
OK flash.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 3 KB
4 KB 1218ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/flash.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 25049c305b208bde887cde10dc3fe87d0e39d98d7f126acaa42338f2fb51cb6a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:38 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:37 GMT
Age: 16
ETag: "2687046417"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3454
X-Cache-Hits: 2

GET
H/1.1 200
OK audioplayer.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 2 KB
2 KB 1222ms
105ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/audioplayer.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 482c5ca644f49f87f08ea6ad0e046a21d98ca5009192127e25c3c7342bd81ba1

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:38 GMT
Age: 67
ETag: "3509523352"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1726
X-Cache-Hits: 3

GET
H/1.1 200
OK video-js.css
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/video-js/ 21 KB
22 KB 648ms
119ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/video-js/video-js.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 0fc0fbb7321bca17d95d35cbb2bcbc81ac7e78c61a50b2af2ed130a1fe6f1691

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:37 GMT
Last-Modified: Mon, 25 Nov 2013 04:26:10 GMT
Age: 16
ETag: "418525954"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21853
X-Cache-Hits: 2

GET
H/1.1 200
OK video.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/video-js/ 51 KB
51 KB 1237ms
105ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/video-js/video.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: e0c5c27ad304e1d5b111c4c67d9c3aa45d64b35e6d322c2bc4c7462813b1d204

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Mon, 25 Nov 2013 04:26:26 GMT
Age: 102
ETag: "223480570"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51740
X-Cache-Hits: 4

GET
H/1.1 200
OK video_player_v2.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 4 KB
5 KB 1269ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/video_player_v2.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: fb9234052ac419d5c2aab3ec5f16365d70ff41096426b821c2b693593a1a559a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Mon, 25 Nov 2013 17:38:35 GMT
Age: 67
ETag: "68033224"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4551
X-Cache-Hits: 3

GET
H/1.1 200
OK cookies.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/lib/ 1 KB
1 KB 1320ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/lib/cookies.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 17b91841811d67da94317ebd549a5a35e66e380be5a2ca51a34a8139f9a1415a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:30 GMT
Age: 67
ETag: "853252152"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1188
X-Cache-Hits: 3

GET
H/1.1 200
OK mobile_detect.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/lib/ 2 KB
3 KB 1352ms
130ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.3.0/javascript/lib/mobile_detect.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 8ca119bc1f1fc4736ccedf20d3aafcc50aead2109a92e32c89bf74af72a1e057

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Tue, 28 Oct 2014 21:34:30 GMT
Age: 67
ETag: "3082590460"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2301
X-Cache-Hits: 3

GET
H/1.1 200
OK print.css
worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/ 1 KB
1 KB 382ms
382ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/print.css
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 2f9c35e984c1b63a7e6b13f07d6afb5d8335a1aba0e382d7e0c66e23b049de68

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:50 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:36 GMT
Age: 7
ETag: "3868070813"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1192
X-Cache-Hits: 2

GET
H/1.1 200
OK sp.js Show response
cdn.includemodal.com/ 53 KB
15 KB 83ms
39ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.includemodal.com/sp.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 198709e2be17bab491d8096135ba1b75ba635aa519c9c69f0272ba98626766eb

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: y5L.oFMvn_FwbUdHZmB1TDzl6fQaZvy3
Content-Encoding: gzip
ETag: "93a440b98858f4ae8a7dd90d0a1eee80"
Age: 2900
X-Cache: HIT
Connection: keep-alive
Content-Length: 14804
x-amz-id-2: Ng/KVPi80rdG2fK6adBLgcQ5A919mQ7rpOPBjO2GTYG8tCkkWMSLElFmcvO6j5c77YKG9AxO/no=
X-Served-By: cache-ams21029-AMS
Last-Modified: Fri, 20 Aug 2021 17:20:31 GMT
Server: AmazonS3
X-Timer: S1629529794.078217,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:54 GMT
Vary: Accept-Encoding
x-amz-request-id: RAAYQJETK4FTG4AE
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 34

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 170ms
100ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:54 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 44033
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1044
x-llid: 04954bf7a1236e93cbc39c97866ad628

GET
H/1.1 200
OK ellington-ga.js Show response
worldonline.media.clients.ellingtoncms.com/static/ 3 KB
4 KB 1371ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington-ga.js?v=11
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 95af646b01ee702570f9abad3701e98b1713487822310baba992363f92513e26

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Fri, 28 Jul 2017 15:48:34 GMT
Age: 67
ETag: "2862375767"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3355
X-Cache-Hits: 3

GET
H2

200

/
insight.adsrvr.org/track/evnt/
Redirect Chain

http://insight.adsrvr.org/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3
https://insight.adsrvr.org/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3

70 B
261 B

1093ms
63ms

Image
image/gif

34.254.108.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-108-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://insight.adsrvr.org:443/track/evnt/?adv=71kqd28j&ct=0:1yygqtov&fmt=3
Date: Sat, 21 Aug 2021 07:09:55 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H/1.1 200
OK logotab.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/light/ 2 KB
2 KB 103ms
103ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/light/logotab.png
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: fa1bbe501b149144f7d0195697ed240c0bbfab218313922bd1733fa02d4f3bcd

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:41 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 13
ETag: "4146598750"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2122
X-Cache-Hits: 2

GET
H/1.1 200
OK sponsor-lawrencephotostore-horizontal_iCV16x2.png
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/01/ 83 KB
83 KB 104ms
104ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/01/sponsor-lawrencephotostore-horizontal_iCV16x2.png
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 38e1a9e4658d70d798d6be91e5271bc0a0eb761608b24b556e11ce18531e1bbc

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 15:51:43 GMT
Last-Modified: Tue, 01 Jun 2021 15:44:42 GMT
Age: 1783092
ETag: "2676211394"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Mon, 30 Aug 2021 15:51:43 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85035
X-Cache-Hits: 21812

GET
H/1.1 200
OK sponsor-lawrencephotostore-horizontal-dark_Lf5oxk2_t640.png
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/01/ 47 KB
48 KB 283ms
104ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/01/sponsor-lawrencephotostore-horizontal-dark_Lf5oxk2_t640.png
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 2de1199c3f4b43870dd853793aa6ebd07891d22cff529f70af2536686c28e2cd

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 31 Jul 2021 15:58:18 GMT
Last-Modified: Tue, 01 Jun 2021 15:55:22 GMT
Age: 1782697
ETag: "1206120647"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Mon, 30 Aug 2021 15:58:18 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48364
X-Cache-Hits: 21247

GET
H/1.1 200
OK 1062391065_r150x150.jpg
worldonline.media.clients.ellingtoncms.com/img/profiles/2021/Aug/18/ 4 KB
5 KB 425ms
107ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/profiles/2021/Aug/18/1062391065_r150x150.jpg?c6a068e2ace9de86a387cdeff02180a84c08774c
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 5eb36e706198384d1cba1c3920e5e0fcf3b76e9a84d5bd270bd1139f5bf608d7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 18 Aug 2021 10:48:55 GMT
Age: 0
ETag: "3455338373"
X-Cache: MISS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 20 Sep 2021 07:09:55 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4318
X-Cache-Hits: 0

GET
H/1.1 200
OK ku_fbc_practice-9_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-9_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 1df7bd13d940b25dbbab25924a720382e3d792128d3cc98218aa15a9d0611a4c

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:04 GMT
Last-Modified: Sat, 14 Aug 2021 19:14:38 GMT
Age: 561291
ETag: "3132214473"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:04 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2333
X-Cache-Hits: 7285

GET
H/1.1 200
OK ku_fbc_practice-16_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 2 KB
2 KB 356ms
355ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-16_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: ed487d3653a97a046f43fd2607e986c6aabf8ff0863ef5d6ac5415e300909bc7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:04 GMT
Last-Modified: Sat, 14 Aug 2021 19:14:38 GMT
Age: 561291
ETag: "162712781"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:04 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2185
X-Cache-Hits: 7327

GET
H/1.1 200
OK ku_fbc_practice-18_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 2 KB
3 KB 165ms
164ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-18_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: c6cfa708f15c96fd953d28663e8554a043b45480ae650188705a70862d858b7f

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:04 GMT
Last-Modified: Sat, 14 Aug 2021 19:14:38 GMT
Age: 561291
ETag: "2586889417"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:04 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2312
X-Cache-Hits: 7285

GET
H/1.1 200
OK ku_fbc_practice-15_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 2 KB
3 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-15_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: b376a0b726739e6332f8211451df9174ece5b98d3b56ee3454a0ced5598d1dd7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:04 GMT
Last-Modified: Sat, 14 Aug 2021 19:14:38 GMT
Age: 561291
ETag: "3207843019"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:04 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2238
X-Cache-Hits: 7306

GET
H/1.1 200
OK ku_fbc_practice-14_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 2 KB
3 KB 105ms
105ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-14_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 95198d15e9143f236b500154fb73d618f3aaebcc1a11667c2789a88da0a4f41d

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:04 GMT
Last-Modified: Sat, 14 Aug 2021 19:14:39 GMT
Age: 561291
ETag: "2402798788"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:04 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2508
X-Cache-Hits: 2126

GET
H/1.1 200
OK Rock_Chalk_Roundball-2_r50x40.JPG
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/ 2 KB
3 KB 103ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/Rock_Chalk_Roundball-2_r50x40.JPG?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7cf1f4c7ce75e8f14dbfff2966ebbcb4368370aa1bdb047b9ac23640db3a16b4

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 04:05:53 GMT
Last-Modified: Fri, 06 Aug 2021 04:05:08 GMT
Age: 1307043
ETag: "3180839451"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 05 Sep 2021 04:05:53 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2298
X-Cache-Hits: 14685

GET
H/1.1 200
OK Rock_Chalk_Roundball-8_r50x40.JPG
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/ 2 KB
2 KB 105ms
105ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/Rock_Chalk_Roundball-8_r50x40.JPG?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: b39943b1dfc6d84728212c71ad8d8955c6734037c09660963d23a0ddf2cbd083

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 04:05:53 GMT
Last-Modified: Fri, 06 Aug 2021 04:05:08 GMT
Age: 1307043
ETag: "949338653"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 05 Sep 2021 04:05:53 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2112
X-Cache-Hits: 14606

GET
H/1.1 200
OK Rock_Chalk_Roundball-7_r50x40.JPG
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/Rock_Chalk_Roundball-7_r50x40.JPG?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7c6681b3b487f6567969153a0573c07fd0ac75c30e638d9c413b39469045d582

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 04:05:53 GMT
Last-Modified: Fri, 06 Aug 2021 04:05:07 GMT
Age: 1307043
ETag: "3096887828"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 05 Sep 2021 04:05:53 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2292
X-Cache-Hits: 14677

GET
H/1.1 200
OK Rock_Chalk_Roundball-11_r50x40.JPG
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/ 2 KB
2 KB 103ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/Rock_Chalk_Roundball-11_r50x40.JPG?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 515afb6755769c7e4508252432a3a20b98320cf03bc511bf059103d06d7ea1d0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 04:05:53 GMT
Last-Modified: Fri, 06 Aug 2021 04:05:08 GMT
Age: 1307042
ETag: "496288285"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 05 Sep 2021 04:05:53 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2138
X-Cache-Hits: 14615

GET
H/1.1 200
OK Rock_Chalk_Roundball_r50x40.JPG
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/ 2 KB
3 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/05/Rock_Chalk_Roundball_r50x40.JPG?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: efb9cf046162368a8deaa49ecad329158eccb03d6f4caefaecb7e83dac394fda

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 04:07:13 GMT
Last-Modified: Fri, 06 Aug 2021 04:05:08 GMT
Age: 1306963
ETag: "974307865"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 05 Sep 2021 04:07:13 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2317
X-Cache-Hits: 8855

GET
H/1.1 200
OK KU_bkc_washburn_camp-3_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/ 2 KB
2 KB 103ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/KU_bkc_washburn_camp-3_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: c58c505aca5b0e7adb2a8c9af7acc3468a2180163443a84ed34f76696d082253

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:48:14 GMT
Last-Modified: Fri, 18 Jun 2021 15:42:55 GMT
Age: 314502
ETag: "2341846595"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 16 Sep 2021 15:48:14 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1915
X-Cache-Hits: 2769

GET
H/1.1 200
OK KU_bkc_washburn_camp-2_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/KU_bkc_washburn_camp-2_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: adc019b1e318271934b5121cd64b271a3414d1d228fc37903345ee3140c0edc9

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:48:14 GMT
Last-Modified: Fri, 18 Jun 2021 15:42:55 GMT
Age: 314502
ETag: "437567125"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 16 Sep 2021 15:48:14 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2286
X-Cache-Hits: 2758

GET
H/1.1 200
OK KU_bkc_washburn_camp-5_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/ 2 KB
2 KB 105ms
105ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/KU_bkc_washburn_camp-5_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 1ec1b64569213e566a1f2e7f414d74ce31fa934122c5d9e027edb3c0e5dc0ce6

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:48:14 GMT
Last-Modified: Fri, 18 Jun 2021 15:42:55 GMT
Age: 314502
ETag: "494780051"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 16 Sep 2021 15:48:14 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2188
X-Cache-Hits: 2756

GET
H/1.1 200
OK KU_bkc_washburn_camp-6_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/KU_bkc_washburn_camp-6_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: a2d074f404db6be35db76b540d112b50368171d1732902a10aada039c9ee6123

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:46:06 GMT
Last-Modified: Fri, 18 Jun 2021 15:42:56 GMT
Age: 314630
ETag: "2877079194"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 16 Sep 2021 15:46:06 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434
X-Cache-Hits: 2774

GET
H/1.1 200
OK KU_bkc_washburn_camp-1_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/ 2 KB
3 KB 132ms
132ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/06/15/KU_bkc_washburn_camp-1_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7bed20d98b7e5a7f90dd7a52439a559903fcaae26215767eb9cfd86fa6de9368

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 15:48:45 GMT
Last-Modified: Fri, 18 Jun 2021 15:42:56 GMT
Age: 314470
ETag: "2575285908"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 16 Sep 2021 15:48:45 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2300
X-Cache-Hits: 2380

GET
H/1.1 200
OK ku_fbc_leipold_presser-9_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ku_fbc_leipold_presser-9_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 0f8255be3850044a56c22e52aa672b62f08ee46a5b58bdffe989a32f53a507a4

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 17:50:03 GMT
Last-Modified: Mon, 03 May 2021 17:48:19 GMT
Age: 1689593
ETag: "3712605452"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Tue, 31 Aug 2021 17:50:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2349
X-Cache-Hits: 7004

GET
H/1.1 200
OK ku_fbc_leipold_presser-11_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ 2 KB
2 KB 374ms
373ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ku_fbc_leipold_presser-11_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7a392aff832fda02ab5453f9fe8f6a0d243dcfcdd2ab6416271e2c69e1e1f49c

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 17:50:03 GMT
Last-Modified: Mon, 03 May 2021 17:48:19 GMT
Age: 1689593
ETag: "3410877704"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Tue, 31 Aug 2021 17:50:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2155
X-Cache-Hits: 7009

GET
H/1.1 200
OK ku_fbc_leipold_presser-17_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ 2 KB
2 KB 105ms
105ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ku_fbc_leipold_presser-17_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 66e7511656064992603c104af628bbc2dde9b48e02acc219e75cd38a1e4269c5

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 17:50:03 GMT
Last-Modified: Mon, 03 May 2021 17:48:19 GMT
Age: 1689593
ETag: "3937328392"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Tue, 31 Aug 2021 17:50:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2176
X-Cache-Hits: 7017

GET
H/1.1 200
OK ku_fbc_leipold_presser-16_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ 2 KB
2 KB 131ms
131ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ku_fbc_leipold_presser-16_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: d19014113c6e3bc66cce58926e871c6dededdc36814e53e452c2e4105794deeb

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 17:50:03 GMT
Last-Modified: Mon, 03 May 2021 17:48:19 GMT
Age: 1689593
ETag: "179100938"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Tue, 31 Aug 2021 17:50:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2096
X-Cache-Hits: 7019

GET
H/1.1 200
OK ku_fbc_leipold_presser-14_r50x40.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ 2 KB
2 KB 103ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/05/03/ku_fbc_leipold_presser-14_r50x40.jpg?ad8d1b116c121fbc85d2e92ba6430d59959ea093
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: cfe02651cc3b330b3f3f3753625c6a041d93fd68843c59a635002c1f04a27bda

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 17:50:03 GMT
Last-Modified: Mon, 03 May 2021 17:48:20 GMT
Age: 1689593
ETag: "2309675041"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Tue, 31 Aug 2021 17:50:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2110
X-Cache-Hits: 6534

GET
H/1.1 200
OK AP21208561360574_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/20/ 4 KB
4 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/20/AP21208561360574_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: abbd59f9adfee346bc15ba4bf83884ddd51a2faaca24f5b10a27da977c113dc1

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 21:05:11 GMT
Last-Modified: Fri, 20 Aug 2021 21:04:25 GMT
Age: 36284
ETag: "1524779873"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sun, 19 Sep 2021 21:05:11 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4007
X-Cache-Hits: 254

GET
H/1.1 200
OK unnamed_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/ 2 KB
3 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/unnamed_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 86bf95b1170e8103cd8524d40829bdca306fdaa62b8a33b6d156fb80fd251abf

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 23:48:59 GMT
Last-Modified: Thu, 19 Aug 2021 23:48:07 GMT
Age: 112856
ETag: "3714251574"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 18 Sep 2021 23:48:59 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2209
X-Cache-Hits: 1059

GET
H/1.1 200
OK 8_19_ku_fbc_wilson_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/ 5 KB
5 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/8_19_ku_fbc_wilson_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7b44242b62ec6d2fd82a18e158c43f007596cc54a3b5af6e2f60882f2f423c3d

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 17:25:35 GMT
Last-Modified: Thu, 19 Aug 2021 17:21:29 GMT
Age: 135861
ETag: "3070313089"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 18 Sep 2021 17:25:35 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4770
X-Cache-Hits: 631

GET
H/1.1 200
OK 8_19_RMcG_IMG_6465_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/ 4 KB
4 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/19/8_19_RMcG_IMG_6465_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 39457b13b9249a12ddc4a950786592c50037a04f39fe53286437d34c8b59caba

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 17:04:59 GMT
Last-Modified: Thu, 19 Aug 2021 17:03:37 GMT
Age: 137097
ETag: "3257320355"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 18 Sep 2021 17:04:59 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4102
X-Cache-Hits: 641

GET
H/1.1 200
OK 8_18_Trevor_Wilson_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/18/ 4 KB
4 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/18/8_18_Trevor_Wilson_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 9012780938c6b68f83f65ac3fdf82858d88944d65dded8fb9b3391acbb476d14

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 17:31:07 GMT
Last-Modified: Wed, 18 Aug 2021 17:29:58 GMT
Age: 221929
ETag: "3338487555"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Fri, 17 Sep 2021 17:31:07 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3592
X-Cache-Hits: 959

GET
H/1.1 200
OK ku_fbc_presser-10_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ 4 KB
4 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ku_fbc_presser-10_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: a28911c4d1772a78d6695cedbc8ee91270f45522cf68d01747d771401647b6ee

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 14:51:53 GMT
Last-Modified: Wed, 18 Aug 2021 14:47:23 GMT
Age: 231483
ETag: "3397507936"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Fri, 17 Sep 2021 14:51:53 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4107
X-Cache-Hits: 925

GET
H/1.1 200
OK ku_fbc_presser-5_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ 3 KB
4 KB 104ms
104ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ku_fbc_presser-5_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: f941d2795ca2cb77b8c28fbfdb69b10bdac6f1cc4fb8bea5352e5c11ca87f4b6

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 02:40:43 GMT
Last-Modified: Wed, 18 Aug 2021 02:39:14 GMT
Age: 275353
ETag: "2563102345"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Fri, 17 Sep 2021 02:40:43 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3471
X-Cache-Hits: 1199

GET
H/1.1 200
OK ku_fbc_presser-1_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ 4 KB
4 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/17/ku_fbc_presser-1_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 7570438a0529b26bd6717920c1bb18389b0b0daa24f5e58a6f86585cce3eb198

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 02:42:25 GMT
Last-Modified: Wed, 18 Aug 2021 02:41:39 GMT
Age: 275251
ETag: "4234464002"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Fri, 17 Sep 2021 02:42:25 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3712
X-Cache-Hits: 1188

GET
H/1.1 200
OK 3C6EA2EA-8A00-4D2B-9729-0D992C0E1A4B_1C91zaW_r90x60.jpeg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 4 KB
4 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/3C6EA2EA-8A00-4D2B-9729-0D992C0E1A4B_1C91zaW_r90x60.jpeg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 083b830df1f0be4914c02cc6d70b7b8c90b64cdc392146adeede388503b30e0a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 17:00:16 GMT
Last-Modified: Sat, 14 Aug 2021 17:00:04 GMT
Age: 569381
ETag: "744410224"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 17:00:16 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3897
X-Cache-Hits: 2121

GET
H/1.1 200
OK 3C6EA2EA-8A00-4D2B-9729-0D992C0E1A4B_r90x60.jpeg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 4 KB
4 KB 349ms
348ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/3C6EA2EA-8A00-4D2B-9729-0D992C0E1A4B_r90x60.jpeg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 083b830df1f0be4914c02cc6d70b7b8c90b64cdc392146adeede388503b30e0a

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 17:00:16 GMT
Last-Modified: Sat, 14 Aug 2021 17:00:04 GMT
Age: 569381
ETag: "744475760"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 17:00:16 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3897
X-Cache-Hits: 2117

GET
H/1.1 200
OK ku_fbc_practice-18_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 4 KB
4 KB 144ms
144ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-18_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: bee87022a9100fad82223a830c766f130393205ab22823c26abf16c8a1023df2

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:15:05 GMT
Last-Modified: Sat, 14 Aug 2021 19:11:50 GMT
Age: 561291
ETag: "3161837955"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:15:05 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4234
X-Cache-Hits: 2202

GET
H/1.1 200
OK ku_fbc_practice-16_r90x60.jpg
worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ 4 KB
5 KB 104ms
103ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/img/photos/2021/08/14/ku_fbc_practice-16_r90x60.jpg?781011941c6c07bdfc65b7b14fce7e91909b1ea6
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 015090622f85a98899567e1af638e780559ecee6ac757e2b7fec302ee941b199

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 19:11:49 GMT
Last-Modified: Sat, 14 Aug 2021 19:10:57 GMT
Age: 561487
ETag: "483775754"
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 13 Sep 2021 19:11:49 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4595
X-Cache-Hits: 2228

GET
H/1.1 200
OK site.js Show response
worldonline.media.clients.ellingtoncms.com/static/kusports.com/javascript/ 8 KB
9 KB 104ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/javascript/site.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 762f2135d7f709ed01ed2a4829ac28b051d6df007aec607df238d60950b03453

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:39 GMT
Last-Modified: Tue, 24 Feb 2015 21:33:28 GMT
Age: 15
ETag: "475726466"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8431
X-Cache-Hits: 2

GET
H/1.1 200
OK jquery.ui.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.2.0/javascript/thirdparty/ 188 KB
188 KB 118ms
117ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_defaults/2.2.0/javascript/thirdparty/jquery.ui.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: f515ed490405435b0c8a7ede74fd2c8e7834ee45c81aa76db3736fe50dc1da87

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:47 GMT
Last-Modified: Thu, 13 Mar 2014 08:57:18 GMT
Age: 67
ETag: "3699883348"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192328
X-Cache-Hits: 3

GET
H/1.1 200
OK jquery.lightbox_me.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/3p/lightbox_me/ 9 KB
10 KB 355ms
351ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/3p/lightbox_me/jquery.lightbox_me.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: be18e4f5d4b03d521cd77cab0bd078809764b28e93abd36def170df9b9a93411

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:48 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 67
ETag: "1718161862"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9630
X-Cache-Hits: 3

GET
H/1.1 200
OK jquery.autofocus-min.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/3p/ 205 B
520 B 108ms
103ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/3p/jquery.autofocus-min.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 51d53492d7322fd92bdeb78693bda92a5810de0906203c9d800f36f3650e7c58

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:48 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 67
ETag: "4170269388"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205
X-Cache-Hits: 3

GET
H/1.1 200
OK wol.defaults.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 8 KB
9 KB 109ms
105ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/wol.defaults.js?v=2
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 26e2c6e5dcba43026ac44b78c9c73bb51d099a786ca808c9a2061c3ed81625e2

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:48 GMT
Last-Modified: Tue, 21 Feb 2017 23:03:07 GMT
Age: 67
ETag: "4156348889"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8519
X-Cache-Hits: 3

GET
H/1.1 200
OK jquery.media.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 15 KB
15 KB 124ms
120ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/jquery.media.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 1979e136df73c0182593b957b1ccb3c6b659c018e3ae61b13f9db6ca3377acbd

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:38 GMT
Age: 102
ETag: "555824375"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14973
X-Cache-Hits: 4

GET
H/1.1 200
OK jquery.defaults.js Show response
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/ 9 KB
10 KB 106ms
105ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/javascript/jquery.defaults.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 904341d95fce95e7520a3a6ecb4d0b337038c2f5d277874a563e0e24fd90e709

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:37 GMT
Age: 103
ETag: "2997555603"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9541
X-Cache-Hits: 4

GET
H/1.1 200
OK extended_sharingtools.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 672 B
988 B 320ms
320ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/extended_sharingtools.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: a821eac48e731c18eb2ed4bce2c2804add93870078ce7a75b643357e6a98a9fe

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 103
ETag: "2333373124"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 672
X-Cache-Hits: 4

GET
H/1.1 200
OK repost.js Show response
worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/ 2 KB
2 KB 104ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/worldonline_defaults/javascript/repost.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 9e25ba946939ee4a3d6b5acc652b3a3d3c87f0b982d9a35b9fd19f37b3bee4ab

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:08:12 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:06 GMT
Age: 103
ETag: "3270185738"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2098
X-Cache-Hits: 4

GET
H2 200 toeMSvHmP_4fPO2bOZYY87iEN82c5Cz4OimLjg_YbLj670aB-v2iE843QETaIw-2wkW6Lth0vCX Show response
quizzicalzephyr.com/v2/0/ 103 KB
30 KB 315ms
218ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://quizzicalzephyr.com/v2/0/toeMSvHmP_4fPO2bOZYY87iEN82c5Cz4OimLjg_YbLj670aB-v2iE843QETaIw-2wkW6Lth0vCX

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

b52b462981cc78e389d0dbc4ab48681864af602bf8521a7734a7f05283d26e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "c2a37fbae21dfa75bb7d7c2be5d1908219507383e14253fc44df5dfdfd1918ec"
vary: Accept-Encoding, Accept-Language
x-hostname: 0586a9fb
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sat, 21 Aug 2021 07:09:55 GMT
timing-allow-origin: *

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 380 of 1000 / last-modified: 1629497315"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25320
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:55 GMT

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

98 KB
25 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: 7jtXVt80P3iWqGm8QhH1uYVrEpkDomthFHOOixQaywtS1tXY2u82ivKmt2z770bjePhLFUhpyxZEbeRNnA3AjA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 21 Aug 2021 07:09:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/theworldcompany-network/ 273 KB
30 KB 47ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/theworldcompany-network/loader.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12799f0e028306ffe86cee47fffbfcb2d8c7bab99ab331348d6accb79b3ce11b

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4aMJ6rFIvGHRoRjycb6iwuZ3kI9zGD0n
Content-Encoding: gzip
ETag: "b1ed34ecb06d2e6dea296eb40704f999"
Age: 67
X-Cache: HIT
Connection: keep-alive
Content-Length: 30416
x-amz-id-2: K6ykKQPmGhUVEqiUm0BKxYXc3hXVLsVnTReOcEodTrXW191N4eGiIS+1SJn7FzXwAWb6VaCONEc=
X-Served-By: cache-fra19130-FRA
Last-Modified: Thu, 19 Aug 2021 11:32:01 GMT
Server: AmazonS3
X-Timer: S1629529796.655928,VS0,VE1
Date: Sat, 21 Aug 2021 07:09:55 GMT
Vary: Accept-Encoding
x-amz-request-id: J2TKQ31537WBPYH1
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 89
X-Cache-Hits: 1

GET
H2 200 88b48cd9-e40a-4c18-8297-ecf618708ada.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 51 KB
17 KB 59ms
15ms XHR
application/javascript 2600:9000:2190:5000:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/88b48cd9-e40a-4c18-8297-ecf618708ada.js
Requested by: Host: cdn.includemodal.com
URL: http://cdn.includemodal.com/sp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1a2dbac6703072221e5f364d332a9c6fae19f29effdf189d2d43362f5a75a650

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 04:26:47 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 9788
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: *
x-amz-cf-id: 0y5J-KtCNSHMqEmlDVyJf__6fcsAzCV0Al_akFuR6b4Vr7Zi6t8WHw==
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)

GET
H2 200 6fae6b69d349c48f
pixel.sitescout.com/up/ 43 B
267 B 702ms
413ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/6fae6b69d349c48f?cntr_url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:55 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK bg.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/ 3 KB
3 KB 231ms
151ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/bg.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: e08ca95e336aa2064ca626b92a88312bc0085957dc3c51667973c5bba0dde4ef

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "3868070738"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2731
X-Cache-Hits: 0

GET
H/1.1 200
OK gradient_bg.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/ 36 KB
37 KB 233ms
130ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/gradient_bg.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: c28e3960e5eb7dc2d9f678c56b2f5506bc09695a823f858c0075a4a50ed323a6

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "3514901706"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37309
X-Cache-Hits: 0

GET
H/1.1 200
OK logotab.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/ 2 KB
2 KB 338ms
107ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/dark-red/logotab.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 47c5e249b77f4d899201515137948aa576e757aface0c78258050ba529136518

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "1384649564"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2089
X-Cache-Hits: 0

GET
H/1.1 200
OK white_30.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/ 118 B
404 B 411ms
105ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/white_30.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 4289c6d28867186710bae0634f34ae387a75c785504a7011092e04ba518f31a5

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "1192710824"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
X-Cache-Hits: 0

GET
H/1.1 200
OK button_bg.gif
worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/images/ 274 B
559 B 696ms
340ms Image
image/gif 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/ellington_default_old/images/button_bg.gif
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: e2d3f8696617c48a1f82529015ed2050d19c0a961a7249466dbb16456fe733bc

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:56 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:39 GMT
Age: 0
ETag: "271665826"
X-Cache: MISS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 274
X-Cache-Hits: 0

GET
H/1.1 200
OK white_20.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/ 118 B
404 B 426ms
106ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/white_20.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: c811c1d4d37f09db4679371b49b0c876fa0f66aa47963274b176c824a64ae3ea

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "1192716968"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
X-Cache-Hits: 0

GET
H/1.1 200
OK black_20.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/ 118 B
403 B 517ms
103ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/transparent/black_20.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 15cd950fdf0a22946139981c83584014730ea322856de684bbb7b9a638e99330

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 0
ETag: "1192579752"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
X-Cache-Hits: 1

GET
H/1.1 200
OK sidebar_grey_bg.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/ 146 B
430 B 460ms
103ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/sidebar_grey_bg.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: b98008ad770fed8298d565a3ee5da7d233895b23d0a9e13cae7f92c5ac15d7e9

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:50 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 5
ETag: "353532584"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146
X-Cache-Hits: 1

GET
H/1.1 200
OK sidebar_header_grey_bg.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/ 170 B
454 B 503ms
103ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/sidebar_header_grey_bg.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: aa5f185e7c327bc34525d29785309cdb9ecb8a470be2af0bfbef85d6317feb61

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:50 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 5
ETag: "638739112"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170
X-Cache-Hits: 1

GET
H2 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 597ms
49ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
744 B 330ms
32ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www2.kusports.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c62a47cec69600ead1bf26de0cb7de0c64486dd08172d2b17135c4af30bacd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ7KXJ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6974
date: Sat, 21 Aug 2021 05:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 21 Aug 2021 07:13:41 GMT

GET
H3-29 200 226738544330346 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 131ms
130ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/226738544330346?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b66082b1f2d1671e280bd82da4bdd27a857cc0774015d781f1e29ef093ac94f4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: PpMosUcF5KJnCZPK/yjxANF3U7F/PmmxYn6XNf8QlSewXDFDV47wuQOU6VdWt7voNzTWSF1xx6Uak1fGqJW2Yw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 21 Aug 2021 07:09:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=885956563&t=pageview&_s=1&dl=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&ul=en-us&de=UTF-8&dt=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=645370063&gjid=1974177741&cid=615099382.1629529796&tid=UA-381152-3&_gid=2045047944.1629529796&_r=1&gtm=2wg8i0NQ7KXJ6&cd2=&cd3=&z=1348616487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-381152-3&cid=615099382.1629529796&jid=645370063&gjid=1974177741&_gid=2045047944.1629529796&_u=YEBAAEAAAAAAAC~&z=953595350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 21 Aug 2021 07:09:55 GMT
content-type: text/plain
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
180 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-381152-3&cid=615099382.1629529796&jid=645370063&_u=YEBAAEAAAAAAAC~&z=77261460

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-381152-3&cid=615099382.1629529796&jid=645370063&_u=YEBAAEAAAAAAAC~&z=77261460

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=226738544330346&ev=PageView&dl=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&rl=&if=false&ts=1629529795855&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629529795853.1967162369&it=1629529795696&coo=false&rqm=GET

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 21 Aug 2021 07:09:55 GMT

GET
H2 200 impl.20210819-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 526 KB
117 KB 344ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/theworldcompany-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 06192831a43dac617bb42d64a4e83c98ceb7c25203f434f2aaddc8c036f7d239

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9_9AcX.0YMPQHudc_PUTOI.07wiltrq7
content-encoding: br
etag: "20f63cfc409cb73baf22283412c5f792"
age: 15083
x-cache: HIT
content-length: 118993
x-amz-id-2: ej9DvoDGlvbXHdAf7RnML/lc6m9lgoQadx1UfpfcxbQCfjA5hVTzYz4grCdNl1laoMaGG1JIbro=
x-served-by: cache-fra19130-FRA
last-modified: Thu, 19 Aug 2021 10:58:27 GMT
server: AmazonS3-br
x-timer: S1629529797.513437,VS0,VE0
date: Sat, 21 Aug 2021 07:09:56 GMT
vary: Accept-Encoding
x-amz-request-id: FD1XNSDMTMS2W27D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 15
x-cache-hits: 22418

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 418ms
264ms Script
application/javascript 13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/theworldcompany-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 21 Aug 2021 07:03:09 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 408
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: EAQDjUOXOo5bUszT-ec20Wn-VtKWN1RmeTKwFP7_bcAB-uRVii4bIA==

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=226738544330346&ev=Microdata&dl=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&rl=&if=false&ts=1629529796357&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22http%3A%2F%2Fworldonline.media.clients.ellingtoncms.com%2Fstatic%2Fkusports.com%2Fimages%2Fkusports-1200.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629529795853.1967162369&it=1629529795696&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 21 Aug 2021 07:09:56 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 24 KB
9 KB 15ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: HTTP/1.1
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:56 GMT
Content-Encoding: gzip
Etag: "lp772EpWKwf8Kq7YKMhbuw=="
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 28 Aug 2021 07:09:56 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
259 B 107ms
33ms Image
image/gif 52.209.141.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.141.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-141-213.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:56 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 14086906
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

GET
H/1.1 200
OK tab_bg_onwhite.png
worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/ 141 B
425 B 121ms
103ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/images/misc/tab_bg_onwhite.png
Requested by: Host: worldonline.media.clients.ellingtoncms.com
URL: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
Protocol: HTTP/1.1
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS: *.media.clients.ellingtoncms.com
Software: /
Resource Hash: 0cdfd1d55abcd8bc48f8b30dd402e795d4c9038ea92c3072902f4bf152b2b715

Request headers

Referer: http://worldonline.media.clients.ellingtoncms.com/static/kusports.com/stylesheets/core.css?123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:55 GMT
Last-Modified: Wed, 30 Jan 2013 22:35:35 GMT
Age: 1
ETag: "378688168"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141
X-Cache-Hits: 1

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame B1C1 0
0 250ms
250ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Sat, 21 Aug 2021 07:09:55 GMT
server: AC1.1

GET
H2

200

rules-p-b9OfuctfLWqtE.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js
https://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js

3 B
438 B

40ms
13ms

Script
application/javascript

2600:9000:2156:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 20:44:25 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
age: 37532
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:50:23 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: dEqepbzS3Y3bep4xohvTV-qmqnmmvRPUxBFRX0dM1AL3AuQVTgod4w==

Redirect headers

Date: Sat, 21 Aug 2021 07:09:56 GMT
Via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-b9OfuctfLWqtE.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 4DSwIoubzsLRLsguH8qfPJGSWgRiHaUTcM94YCTZj5g5Pn8nkTC8fw==

GET
H2

200

pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-2021...
pixel.quantserve.com/
Redirect Chain

http://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0...
https://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=...

35 B
372 B

25ms
9ms

Image
image/gif

2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=kusports.com;je=0;sr=1600x1200x24;dst=1;et=1629529796597;tzo=-120;ogl=image.http%3A%2F%2Fworldonline%252Emedia%252Eclients%252Eellingtoncms%252Ecom%2Fstatic%2Fkusports%252Ecom%2Fimages%2Fkus

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location: https://pixel.quantserve.com/pixel;r=1583474926;rf=0;a=p-b9OfuctfLWqtE;url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F;uht=2;fpan=1;fpa=P0-2113616319-1629529796597;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=kusports.com;je=0;sr=1600x1200x24;dst=1;et=1629529796597;tzo=-120;ogl=image.http%3A%2F%2Fworldonline%252Emedia%252Eclients%252Eellingtoncms%252Ecom%2Fstatic%2Fkusports%252Ecom%2Fimages%2Fkus
Date: Sat, 21 Aug 2021 07:09:56 GMT
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 0
Expires: Sun, 22 Aug 2021 07:09:56 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2Fu...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2F...

64 B
330 B

43ms
43ms

Image
image/gif

13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&c9=
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:56 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: DqPoztd5jOSLlP_VgceFgPMmnUK1-rzpn6ApoELv0fOrOCLzDBG5zA==

Redirect headers

date: Sat, 21 Aug 2021 07:09:56 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1629529796606&ns_c=UTF-8&cv=3.5&c8=User%20profile%20for%20josephinecsanford%20%7C%20KUsports.com&c7=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&c9=
content-length: 251
x-amz-cf-id: zsjast7sLCD3nvGVZG0QfPA_jCcu8kOXBZbBLb-gbutBlZCHrt_XvA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 585ms
515ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=Pos%3D1&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796726&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=90&adks=1542960327&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

11881936e5ca1aefbc53a62c35677bb5126d10ed69b15ec00f0904aa05e49e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7778
x-xss-protection: 0
google-lineitem-id: 811848131
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126893572571
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA7A 6 KB
3 KB 58ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:56 GMT
expires: Sun, 21 Aug 2022 07:09:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 412ms
345ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKUS_halfPage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796732&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=421&adks=1013277315&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x25&msz=300x0&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ad42df1345f0e703f461d349913a3cef7e7cbfc51b463224265c09f25b129e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7839
x-xss-protection: 0
google-lineitem-id: 811848011
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126877122251
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 1678ms
1612ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_mr&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Pos%3D1&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796736&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=461&adks=1786472045&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x260&msz=300x-1&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f5e803421e3dba7fbd3768d344caefd4cdcdb08e1d2e3ef3830d7ef879345e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7843
x-xss-protection: 0
google-lineitem-id: 811847531
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126877120571
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 913ms
847ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_mr&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Pos%3D2&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796739&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=736&adks=746829023&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x260&msz=300x-1&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d304d3893c1e5d376a2fea38d0e86d5c7edac3ef85135d3f1e699c474a910b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7809
x-xss-protection: 0
google-lineitem-id: 811847651
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126893572811
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1276ms
1211ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_mr&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Pos%3D4&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796742&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=1011&adks=3491072089&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x10&msz=300x0&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

088af930b2f10323f6fd31263e5977e50e82c36e704e1138ad26966e14ab2416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8078
x-xss-protection: 0
google-lineitem-id: 800070611
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138242546191
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 1496ms
1431ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_mr&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Pos%3D3&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796745&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=1639&adks=312619285&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x260&msz=300x-1&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6e9edb0ccb86b24c0915460e40c5c45c651139cc323cf68b60b5ae3227e4baf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7803
x-xss-protection: 0
google-lineitem-id: 811847771
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126877121771
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 B
258 B 910ms
844ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKUS_richmedia&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796748&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=305&adys=1909&adks=836851435&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x1493&msz=310x0&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1e4fc0e49ca2874111d918ccc54573eccd37e2e64ef60f2eed8b5ed71746590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 437 B
258 B 1252ms
1187ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKUS_OOP&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796751&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=305&adys=1909&adks=3995700363&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=310x1493&msz=310x0&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

99abd515a086017d67c94e254d41bf752ec718d90c4dad424cdf6db19aadfac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 730ms
666ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=278827156630595&correlator=1082697137052304&output=ldjh&impl=fif&eid=31062031%2C31062340%2C31062153%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=1024221%2CKU_lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=Pos%3D2&cust_params=url%3D%252Fusers%252Fjosephinecsanford%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1629529754&dt=1629529796755&dlt=1629529793978&idt=2682&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=2279&adks=2346170318&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=990x520&msz=728x-1&ga_vid=615099382.1629529796&ga_sid=1629529797&ga_hid=885956563&ga_fc=false&fws=0&ohw=0&btvi=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0fb1fbfbe9d4bc18c5d70a4118433d8c9eb035d292c21b4237d605e12a6216e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7801
x-xss-protection: 0
google-lineitem-id: 811848251
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 126877122731
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 88D1 43 KB
13 KB 53ms
31ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2775
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19127-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529797.272204,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:57 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 4

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88D1 0
0 155ms
154ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKsiUQhfDP5jhHzm-jNxRrTSxt8PK9myYszaNGCVhga24YWzQR1ImUVrqbsQ1PwVjOJjl3hQue1SDlAb1r4MOFX3cSc2WYEkffQXLo08qB22lbSQtd_WVerKnHp8bn-y8ZS6X559m_c70Iwl-E7Ort4rZdbF3K4J4UY5FUDetXlGOICf0GKeBo7AKmgUkXRHJgluR4lpuosDvRjjwis2iq3JpbYpn7-FuUehF7CRxiweQcsAiCxXIOjBd7fz9q7XsnAGo85g-KEnyNLyq-ZEdQaaLr-3_NUSdzhcMryIRL4lERAu1CAEIVcreGJbE8&sai=AMfl-YTKT2daRQbFdMLxtIp1r2p1xZYIl7y7AxJk04RlOBnSnpVGkKWkhtGdnIXah-lYohJ7WX1sPhpmW2g8iOTKw6wytMZn4skWEgx0ZBNxY9U8hBDUuc7nXP6Ur0AmzEc&sig=Cg0ArKJSzCpoRHGaafd5EAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 88D1 72 KB
25 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 991 of 1000 / last-modified: 1629497315"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25320
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88D1 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 88D1 328 KB
114 KB 74ms
73ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame C685 43 KB
13 KB 23ms
22ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2775
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19127-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529797.372235,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:57 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 5

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C685 0
0 123ms
122ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7g72tOiuns1lrTw0Y2FBHk276y-C4wyN3-lnFbLNqT27eJoa8dkzLybNArMmM5DlB9zWdUNQnmgiFGnFw_egV5BKCB4vBBGc582Mxu_eJDmWMMFdReAhMcWwVOTfDUlyrIL_vTGAngiVgkL7jr1JMvRHVxfrCMGer9ivfg34kRKs3XqvqJwHDedH0RnjkYQt4SnU3tW0KeZzaAjIcrKSbQhq_aMKlOq57C2wm73OU05Dwzt4m0LOOy2zJ4Jp6qIJgJHlTK0hNFRZubIssEHnu7lOfcNrJWqYHYzCX-pPKkCfWjKq8_A&sai=AMfl-YSNYVm4dY23_PLT5LQMMq6S4m3wwq0A7V25bUwtAHu6UUwoX2kzHRpbcwZjbhi8rXZp3iw-P8YmK67jZlTr8yaD_1BRnntD9ORaPvnotcvN-p8YKC326IqfLGe_EpY&sig=Cg0ArKJSzOg1h2Hv0cLQEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame C685 72 KB
25 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e443204f38067f93ad9709e6b1296e339de8f5af752ea34a839fadf93791cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 626 of 1000 / last-modified: 1629497398"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25321
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C685 124 KB
37 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C685 328 KB
114 KB 409ms
408ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 88D1 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 88D1 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 88D1 17 KB
10 KB 366ms
365ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2468963693209794&correlator=2417207538355038&output=ldjh&impl=fif&eid=31062338%2C20211866%2C31062297%2C31062093&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7334.7_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=2&cookie=ID%3D62fc6bf2aed71e10-2253b1f9abc80046%3AT%3D1629529796%3AS%3DALNI_MZkPsAWufICH85oAHd7U03ffTTuaA&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529797&dt=1629529797514&dlt=1629529797234&idt=264&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=310&adys=421&adks=371969004&ucis=7tmgraai39ka&ifi=1&ifk=3289885284&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=274658464.1629529798&ga_sid=1629529798&ga_hid=1723602290&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7e520ff58e2e4280a1adac4f10358f2a28803df7fb7714df1ae1396dd9253048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9758
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF3E 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:57 GMT
expires: Sun, 21 Aug 2022 07:09:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88D1 0
0 105ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstFITO8J3UUd6XlL2gKIU9KyID8whXmhsmG0ZtTp8bikUD0NU62sWtk9KFPu1MDB87agjUtx-1f9rHrqdK0QWYxBF4T509JcQrKfCDyewyRtf_hbScuhfPEnC8hL4MfCDCO7fH7B_kioSKz0IO_BLSlfXEMOAVL6K-kPvOdq8-H6wJo0z9j_t1LCxjwbVq_XlpiKatLJbTKSMwqIT2PYHegsjn12ohKhyj6PzI-BNsaiednqcmVvF_3GZt1nTMFUgMJ8Fn4F_FiSD0k_tJ4MyB_ApygAFUxFdzxaTgHc7N_oizeUr43rQTw67hGymzBjE&sai=AMfl-YTuL7YvU22lU4LyOpNgLJzZiIRkdAgLvfG-M-iIUI8pMFWqbI8tew-YVe_Kw8ERpXlzECsaZ_QxzkPzjhNSkpBE8fa4RuMKU2n3vR7LbcS0Lav5UvoHm-XUOyye-TI&sig=Cg0ArKJSzBMnWkZ1f8zXEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame 88D1 42 B
133 B 429ms
175ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=412385&referer=http://www2.kusports.com/users/josephinecsanford/
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 88D1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dca7bbc648cf414d7f0c1df977fe368d55dbd83c904cf665d03014a131b2b7e8

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 23FA 43 KB
13 KB 38ms
37ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2775
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19127-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529798.628247,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:57 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 6

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 23FA 0
0 129ms
129ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-GvDRnIwa-aanvQlMhyNGJwhWk0SYbJX616xKB5R6R59oVOpSKfwEL2kuwrbSrTPPUD6Y1ASXo58591gLq8kjpAc9TJvqFZhIK5NjaQxnW5P_0Xj2TZ-ucMWCXWoMnftZriKSlrw8pkBvM6Bgt-O7C-elJVdr3LM_LphtVKWFcKzu60WvK_2IlutDKHV6wIJLMlWXadLc9_UbmABLXloSusEDEt0r3pRP71Al8WOOxDQs04B21qoZj0vUz8GMz0RZDSE-TNA0hC6niO_a7dY-ao_P4hBZxdVibMgEIZh-SJTlOjY1HQ&sai=AMfl-YT0MDLjau3lx3jZtdUXQu_gvLbJxzT9K7VSUon5wuGstCBPhRaTatVOaMgBfyU3Vk0jxGlmVJkls-kZFSzy9Yqd50GQ6Wpmxsgb8dzODcDz2WpEMZJh49iyHF6xxHY&sig=Cg0ArKJSzCiXmKCfb3uoEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 23FA 72 KB
25 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e443204f38067f93ad9709e6b1296e339de8f5af752ea34a839fadf93791cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 564 of 1000 / last-modified: 1629497398"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25321
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23FA 124 KB
37 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
BLOB 200
OK 8fbdc36f-f024-476c-8e9d-717d58dd1da9
http://www2.kusports.com/ Frame 88D1 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www2.kusports.com/8fbdc36f-f024-476c-8e9d-717d58dd1da9
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
H3-29 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 23FA 328 KB
114 KB 153ms
153ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame B41B 43 KB
13 KB 59ms
45ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2776
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19145-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529798.734154,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:57 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 4

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B41B 0
0 59ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsut4rKR4lqc1JVjbCx6hIyLDilMlLrGuvkmk8qXGtP1HyY4hwzIL88LV2bUgkvsc0Ecxkhs1_1Qy4W3KWACugQdQaH-71jf4FgqrhkOFZ_JRVT-1dpaiCxETCxYkNNRdgx1_d8QKk3eJPw1qwVnU6DnK8waFkSDjFCSkuCmzHwkituiORuX_5s4x99-L_iHelXg4nGOjHhtQAjarAwPOrXpiOa0mXYCwXj9OVrtorUKXwCaHmMVZV-iW0CqgI33d-Q16-EeRV9lo0tQU4PutBT89XKUkBRkKnRIlSZM-25-V__31yxr9sdWFRk&sai=AMfl-YRrdTse1eA8oisyQLxEXgJrrw4dhjPT5bH3I2GrOc45u6QheKJKnpyVi8vG2MiEfGG3C-TZqSKwW5Uw9fVkxSv3FnXjR3TzhYtOcX3sHPJS9CVhsetjdGSYZlnEuNfo&sig=Cg0ArKJSzDpZU4pKzMlrEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame B41B 72 KB
25 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6cebb9926e8b8717f5439f886d97b0a330be21fc19efc63c4858146d6bacabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 799 of 1000 / last-modified: 1629497398"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25469
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B41B 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 pubads_impl_2021081901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B41B 331 KB
116 KB 32ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118670
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B41B 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B41B 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B41B 16 KB
8 KB 225ms
225ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3759722845301095&correlator=2272666624177581&output=ldjh&impl=fif&eid=31062334%2C31062154%2C20211866%2C31062297&vrg=2021081901&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7336.4_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3Dd1ed9347dcc0a3b2-2285cdeaabc800f1%3AT%3D1629529796%3AS%3DALNI_MboXtTPnsJnIoUfGHn4eSb9Yq4leQ&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529797&dt=1629529797932&dlt=1629529797703&idt=208&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=310&adys=1336&adks=2891215044&ucis=r3kpzl86uzxo&ifi=1&ifk=2044691106&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=670192870.1629529798&ga_sid=1629529798&ga_hid=1616711037&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1dc57ccb0185b12c29636693a4f836ef153ce4091e9940f405f12d2f5dfdfb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7804
x-xss-protection: 0
google-lineitem-id: 4481581642
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138216220617
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE6A 6 KB
3 KB 59ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:57 GMT
expires: Sun, 21 Aug 2022 07:09:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B41B 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLdG_7ClRMVwcxCHVoTPuBoDzExHkHcpBT5-DqEAS89mrBfzr9cTj0WbMb-dUYR_OYXcDU038MPg7_yN-a9d4gCQa-41E-mQJswkEdpt4BxN6fE3sQpKo5vSMyLvYDv9l6t4vcIDCNG1A59DakO-888whGTAySJukLMC8ONDwCLL3bexH93lrcPtQhIRVkbPPvU_vo2VUMai1vxDhDRZ43Oo5xM6y3JhY5D3JnIlG7C7Zy55wICtW2DsoQ66VwUzOg-2kki07LlPRo-CSaf4ALrY_94oWHcdyN0KRM5UH8JOXa_Zgu9loWiCNXzQ&sai=AMfl-YRHDshZIp5f4RiV_oP0Gtq7JJJwuKcudcztYCPsPdAKvuYINBWz-GjMUo9sfWZZwxvQUKo8L0YE0G_eA1mYPoACoUfzOplSo2z5KSbtrv2svY0Zoxep27Znj0R6oOyJ&sig=Cg0ArKJSzPtkXxxENXtWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
DATA 200
OK truncated
/ Frame B41B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4d78cb3179e31e023c31a61852067f835d4572a361d942db93cc44e9f77d8fe

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B5D6 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:57 GMT
expires: Sun, 21 Aug 2022 07:09:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88D1 72 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame C685 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C685 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C685 17 KB
10 KB 427ms
426ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3672889341428330&correlator=1431254120479090&output=ldjh&impl=fif&eid=31061422%2C31062328%2C31062336%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7332.3_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D62fc6bf2aed71e10%3AT%3D1629529796%3AS%3DALNI_MaUmXJHEBij1s95DI5llJnA4UJYKQ&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529798&dt=1629529798019&dlt=1629529797364&idt=622&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=90&adks=933181869&ucis=t5vrutrg3m6t&ifi=1&ifk=40207593&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1307187650.1629529798&ga_sid=1629529798&ga_hid=947817719&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e2620ec1450df117f489787115b7bb59f776aef606e7c745b463f2cfa457d278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9941
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E797 6 KB
3 KB 28ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C685 0
0 111ms
111ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBRxbVXRn1T2_m76uhTU1_KvEZ9M9xo2H4ZcTa00m5CKBPMCaBka2Js72VdBxPUdF4ydUuLQs1yNLjDwsILPSM1n0OUh63d0JjI0r7Zr_RULpK6WaAYPOI9Au3chsELIbS3sYBfVRFoUSLLBEHr_kWhYd34MCw2J8upL47pzZD0lpa3kvjU2TU1Ke18fYke2Qck2FMc8sp5MKh9we_KSmxDh6cUcRh9mM1shIb7kOpS53TbxYR-lkjcDIEBFatkWjQzbT36DIKGRUk6YImEH0XKNtm3lj40yPifybQWESAhC4EaLSG_z4d&sai=AMfl-YRHwmO6UIFkKAxL0hi5ycUSIWpR3_Igp-wFEoW0AY4L9jpMKI5a9licNp7mjmpwygS98H_vlg338UkRNLnNwoMGuvG9UDheGkZ_-ROMNiHvcWch6fdRdJIi3w2-Iq4&sig=Cg0ArKJSzHyNRox5lFjiEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame C685 42 B
132 B 116ms
115ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=821471&referer=http://www2.kusports.com/users/josephinecsanford/
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame C685 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25448d726b855b27800bb52df8df45a1683ca45cee9b667379dbc08270bc9846

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 23FA 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 23FA 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 23FA 17 KB
10 KB 211ms
211ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4163108954001560&correlator=959911998102922&output=ldjh&impl=fif&eid=31062142%2C31062328%2C31062336%2C21068030%2C20211866%2C21065724%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7333.3_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D62fc6bf2aed71e10%3AT%3D1629529796%3AS%3DALNI_MaUmXJHEBij1s95DI5llJnA4UJYKQ&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529798&dt=1629529798086&dlt=1629529797620&idt=446&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=2879&adks=2646578440&ucis=civooal0bwv&ifi=1&ifk=334647636&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1533093542.1629529798&ga_sid=1629529798&ga_hid=551814442&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5d8fd3f14efb8161ba371fca5e1c668a2f73a94fa589a775568a5c7f373411d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9865
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9641 6 KB
3 KB 40ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 23FA 0
0 59ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZWmPrXgvLAPpYmQJzoWIm8OHFUykkjGF_xn7CHePBh03ppjjx3z_4gdEF6cDwkIyN7AjZEp8LQvF40evRo8OK1r7YGs2BeLNgtMdV8NTLrvmNwOOgTDv6Ol7gx_FPhk-_Kg7uNwFAR4xAvXuMW3Zf4IskUz8y6aeJBd7PreN1psEHnzJQNJhqidnGycXMX9tYWyuG11Ip9lwYT--VFiGOCSytMbhJTUV49ZmITqm7tN01761VRZQxcmMWaDORC7EeyiB4d-hRA8uXC3gD3XW4MSPqatEfTYy8VuvqGNGjS21oqnq_ayo_&sai=AMfl-YQKUJ5fCEfkCATL-v6kQs4wh-LS6QhC43s4KrNHKCtvgns8iQPN-l_VBwgu-vfS4pcvwMSzSsqHg-FdAqCjOxL03aXRFhrFo7z0Lf-GFapeAnd0RLoJ8AUdXsaTVqs&sig=Cg0ArKJSzF-73xs1bmxEEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
DATA 200
OK truncated
/ Frame 23FA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94d904ccdca1d9dacf1a3ca056e17113252f6d1a341e26b115397669dfb77fa6

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame B41B 42 B
132 B 337ms
337ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=1082663&referer=http://www2.kusports.com/users/josephinecsanford/
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 container.html Show response
4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 709A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:56 GMT
expires: Sun, 21 Aug 2022 07:09:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 769683e9-939e-4540-b7df-701ae5e72324
http://www2.kusports.com/ Frame C685 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www2.kusports.com/769683e9-939e-4540-b7df-701ae5e72324
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
BLOB 200
OK 69cc1359-ee46-43f1-930d-84c65adad2be
http://www2.kusports.com/ Frame B41B 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www2.kusports.com/69cc1359-ee46-43f1-930d-84c65adad2be
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58F7 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssckKm76yR5ltkP_i-v9rpi3avCzdo9WmEFvz1XQcN6td4yQTyQ8StAGUTFUvD4BKMd7oGRK_tV5gb9H9mbmy15-ZjvpyS6Hg6wQvMMgGLBsvbAsREhyWBYY4IyfP6pT6zL_7rsFuk6G7-zycFanfhd29lF--BoYuY9qQXND3W5VZTqavW4WjtUZQ5ZsTw4csWo_Ie7XUAuBJLwWaDTem5ts5ncMqPEyrW3HZhn11c_oQNpbnZi52xo-RWVH89xhjO6_QC1iqMLcaRs1J72G-D2K6pMYkv0Is-XFEujKUXCSntWVSlrasz-4YFKQ_jhq3TQcK2TBRexEQYxP8e_&sig=Cg0ArKJSzKzbWFSi87usEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

jstag Show response
us-ads.openx.net/w/1.0/ Frame 58F7
Redirect Chain

http://us-ads.openx.net/w/1.0/jstag
https://us-ads.openx.net/w/1.0/jstag

49 KB
18 KB

33ms
33ms

Script
text/javascript

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 5764d6c4c286ff7fe2021eeee223d22d6d681e62d07d3edf8c6a446c5f04e322

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 17995
expires: Sat, 21 Aug 2021 08:09:58 GMT

Redirect headers

Location: https://us-ads.openx.net/w/1.0/jstag
Date: Sat, 21 Aug 2021 07:09:58 GMT
Via: 1.1 google
Server: OXGW/16.214.0
Content-Length: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58F7 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B41B 72 KB
27 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BAF1 624 B
455 B 17ms
16ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNWqV72EwfnJSxjel6bjjqqQpnFHLAYr7J06SlBqLQfWFIpLbEbqkpEg8LPNFAHCn7G3u4hA8Hv3JMi75LpdnA9zho-EInltZIDe1db7In9o_KKhApyTUC2WcQ7iMsXKP6klD45aXVNd1P1Coi15OgFgS5VBEx397h8n8lMz-ZwAGmX-X2pRttUD92Re9an-y7BHPoswWHaEbfvBe8r3dgfLXB_dmg

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNWqV72EwfnJSxjel6bjjqqQpnFHLAYr7J06SlBqLQfWFIpLbEbqkpEg8LPNFAHCn7G3u4hA8Hv3JMi75LpdnA9zho-EInltZIDe1db7In9o_KKhApyTUC2WcQ7iMsXKP6klD45aXVNd1P1Coi15OgFgS5VBEx397h8n8lMz-ZwAGmX-X2pRttUD92Re9an-y7BHPoswWHaEbfvBe8r3dgfLXB_dmg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0wbTDlOjF9uTtl347cAfXANLUgQ2GRHa5I0YzPqO0gfAK2BQL1GYg93b9RL4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 07:09:58 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B5D6 24 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCXkz3RNAE9bbtBiVAyN7abcnSJ5VDafgPWeNxj_grDPZwMF5nHssw3aLGsnKX3P-hyKo6G24ZPX4iNlMUb2zkfya_GAU9w-hZQLKDnNme80fvuHaN2-3eaPAXQtsFxEg4zII-V58Vxs8eKA_7Lgb8oPTNaw&cry=1&dbm_d=AKAmf-ByPWCbneVL_cMn-FMT9-yRzNVwNuGtw0Dx9HpMOxREttgxDsm_Q2g6cR4o7b3aTU4BjFGPVjS7UPzbcZgxP6uxekL18MA51uQX19OntB96qzvJ36ja_qNRZiCduKQZWg_xGr5aU_waEwR8Js0jO6buRKeJWVleiEzU-ZJEaUC0_orOqLiXlYFMzuS62jAWZFDxt6-qjOYzxXTalPF-Pf8jcEanv9_sWWxb4HBlgGpbL190ij_gb_A12JLcdPJFKsVlxxhOVNsJ9GhuIB7ZyCALGZeco2Xo2ixgDPb5xugoHW5HSmPp770w3kkrCIXkWgL-zL1m-CLaUdDBuAFSQ8-82kr9FFHlv0q-ZNjNTU5dR1KfQjuTbs8RKf1XAkRgboQQp92uyG152tYYg6erbEpnI8o2MOA4r4kBGvb6-HCxMRklhPucNI1Y7UAfcCg8UVw1hVdEUE_FVG5GJGwshPNgMDta7S1oysm2CoLfqN9dPQZIF-vFNsQuzfS2TV-oXa94qQStRv9zv-Gn8mGuHgk5qRJInttbJQVMPbhDWI6zjQlnyyRUlktogoTuJ3hh44k4ORM1XtDQt0bAM1iaHZSTCGq2v0gNRMhTj75HjAV84pKfGzD1m1owtUJZg6Amfl3gwpP0YTlp7vSAdslxeYbStqml7VTt2X8n5VmtDpaZwGtHnMJvRK2_BfTAG4eIvg1a301a2mRfZ1yKQnlu-KZPaIDgy_weFxrMt9JHYHqTzEUnz8lbXoBpPMCjV6lkViBICFSVtgSAd3D3SqyGWfDDIjndK9fuUjofYayny1_Vp5wR-RELgeHMmZ2brQnDK93ySM-7atZVwXWOoWnjr5jvJFmccfSXqwlwaqh-1Sd58YHZgIbtT8uPmh2vYY-PjH-Bj0wQup6ffAV1Yr4wckxxb2Dk7PqykBnKSRfbqnrGj5W9fF8ckkLX9v2lO8guArUmJtz1ihgZFCiOW0FzimgzW4Vzb-X0hLzzxvOJvb-BxEt_7yZpbSgCyE8qw1umCJmt2z8xlHE1-1d7WB2qExrQyO7SIYK295RxhIHXDxNKPiWQHlG39lfeElMNpmTVTMGFIzuoFPn8N8QD_z1tRo-x1hGjk4uor7rM8o_X3GEwTl4LhJuUBDBE--VSIsgo0LXnLkButjfzKEsp2x_zqdSQnDmOXiKE1EjeCRCV-OikmGCXfwnVL8osBjyCKXcnUrBJwZn9Q9J9VaSj6C_Hidcnf_UUgQLKloED1QHvgDzNczqvPQsM4ohpmgIlKuFEL8nZnmItc5VRv7EjPmlMR_BW6z6su7Djcdl7e0yQFDuoPgMsV1c86_hhL4CvElJHLZ-lt3LTUKR4ylGSS7CeHRtZrM5Za0KBQbbQWbE5G2ORfXyjJkmNKRCERb7Y1WinYQeq00R4zhnFVfaigYLYwEvK5z1d-ipxc_xZ3j5y0QsBZCAHqpNgzAhaz4hSdgwBJLWeiDlPGBV4IV06nroM_Y9SEmJOuhcjVEklNrqCe-5cOSlpbZKn_H0gsB3RTznLMutEYJ7mhQN2Uv0OVevBOJLTzkKNh-ZGMdMmWSaIvqg59xDiEcNxzkYLziKoffssatl77OdBPFoQHfzqkkWrGwm5ilYStG86GpfbIWf4Aw2xzAFW-8sKpACVUZJzvEugVVEDRu4HtkwM4vjUL6htoxg0atHsOFk69tXPiJNUt4_C3l1mre4C0KcSyAYb5oGJT0gc8iRo340hgiWKMOd1gOLOVy9SI4ivZ1TDmGLODXbew8FTU0It7u-DHO_ARe6PQQ8Lh3x9c-A2cE7V5WIPhu4i8hhfqsHK0I_kpCsIDQSlkdKuThw2026or0SEHQK9wIQSWnI7JGl3BX6cXxHpWqzwoSwJ4tv4Pk-Lm2cgtwHEwX_xcfcoTmDq4lnjL_DzvVyozP7lI-5PF_-hEwE4l9VFk0MshOxQmR5dl3zddvly6y8mX6MVjwwzjGZytVpAY9AM61xLZ8qHxiMcSQFvViz5jHNOCe-n6aBthZuT7ymThpzHjK2FCw5JrtEUR3d-nYnTzOHM00s7LzXSBRNIyi6KHKao-r1r9xBtg41AeSw0rxamyLoEbvvU2pJPDEXnGdEzq6w4soKfwzxYEaiWcUlJi1EDmQf7iyt76Nzm5AI9toGelx_juEtthHYeu8zaKyD6fU6vGree-KK4imoD3Wvg9MYG0a6TZHvt0ZO1xsBwhAv1dfpdvQZzxLf8peNhfCxeVj3AdxuyTlWAxIXEg9ucXCWkEczd8bKokQvY-EOIW_lgSGE5JTWDdgdIKqP7lYeY2TujZxfr_937gbq8xrZcA-q0eP7D-nR9kWl6U4JDPcm239ZccQfHXmbIFuGdv_dTLfsXeseM3evFOA4jzHbp28YZ1u_sdU-f9ZBIO-lkZ0B2hvCREEMj_sjr2zN0iQJQTMLuLPXnFvOgcCbin4radgQ8XO4Z24Ei246ys2vNmWzn-g33XPU0e3H-5tFXc2Hx6ePs6u-D7tC404TlPE5y8-E5PH4o7d9sl3nBxMbIVN_-QFpMSTYVc8Tv2kjvDkEjq7f-cKqWuWSv5AoSM-OZ5WmIH4NRU-wJfyZLamKTzcphYDutrWKKy_o8DfAreeLBaapaCw5YrXxMaU-3RQp6bom8PqkKLnNGSfAAxh6o41SsBBCq9cQKqSBvJa2lClEUEHAPjTIluWoVk2KuU9pTRDNqLfxmQ033OLbfJfuI4g7H6uw0Ah4oYEcXI4lqf7934Nmg_sVrr_KhR9-BSzLTglSMSLD9hKhTli3S7gNyUdxaLzjU_5RlxER_rZ9c_2rAlQcTIOKsJx8O94v3l1JW4ZWNPMkA5zCRL6XMtKzGICaZ5hoRuAdFjRnxVXvwoxSEBTyOp1NxXLXnlB--CfKcy_adxmLNTRugY52YR-9T3xw1mG8ewlTi_JD0uKVs6euZxEOcFfJDvVVY945mdjlqnUkmCQL0GWBrenY7N1bEeCKV7gOR6F0sTCBetitKURH0YC-7FgdjH47nvFodOcEFkpsWYpXu6ScM2FN0c0X0Jm0gIB7iOW4gFNkQ2AXav8KBzsA5cBQx3sUO5oE0T0h73ZO0UCfpFMWQZ9rp_3ys1mOqqQ6sqOFiPwoxOJKU9bep1gPyjKISRMwm2lcbj0dWNG5-GOOndYU_1bL0aO6Q_dtcsuI&cid=CAASEuRoA0-pKwQxVfOBmO4ShPPxiA&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2b4bc917d959cf17a7189de367cee58c78178c62401ca3ca95f2db05e51dfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12792
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5D6 42 B
173 B 27ms
26ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bcl3qegBjzCdE7kVXQqDNtcHKIs3RoisUmmdfMgkCfHeQ4dMv_JqOVZeiTvTPjx6oxQMTx7-ZUyhbkgVkQxMAM0Q9YyG3kcnIHWPY_LU93rd-S4o8

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame B5D6 2 KB
2 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:08:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5D6 124 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame B5D6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:07:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B5D6 0
0 13ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR18ktfGQSSDGTGljc22UXxmjzdFGCCCIapEjdVmHWyGZmunPzdORrzwuJVhHVYSl3aQPCUJ7yLMHaPZnJM7b5bpbWzoA
Requested by: Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 36C9 43 KB
13 KB 23ms
23ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol: HTTP/1.1
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2776
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19145-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529798.297497,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:58 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 5

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36C9 0
0 61ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGYX5WxDvHW1Tl7liuKvdBD0LPIXLIzOSDHBf6gQvqH0WoPkK0voNrx3rFlG7sz_RIihhmY24O7jeNmrMtVeAwqnb5JKVvSAB8vPdOs2QDZSaZFazkJk2_XHzJjiG2BLW8ShRO21Zr-hydTzCjQLynz52PZsW2GrRVkUaNvvN9Jj9JMwKoTb25QhPwg1sSqd2wTSj2wSFfvmceDzaTjua0_hG5ePqQcoBhYnit7ch4ugcfxbGHX27I9VrqrjS9MG2nWAn4AY40JpeMCY2ERvlUO6vea_aKoETjKmtH3eO-hN-V2w8vyfOjKao&sai=AMfl-YTJtgsVvC1QFTK5NZTtVH2i7sW687wzTMw450DVi7WvixRKox-n3Lebt412LneuZtRMh4kbRd2sN5mVyHnNbY4etlUbcgCset8DIYIZZcfiii5PJ4gdn99Aq2Q7rmVR&sig=Cg0ArKJSzOvcWZqEkNPJEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 36C9 72 KB
25 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 322 of 1000 / last-modified: 1629497315"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25320
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36C9 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 709A 43 KB
13 KB 89ms
37ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cUsGPtve91o3mzOra3qLNSe5z6A8rBsV
Content-Encoding: gzip
ETag: "29bc47cfe8d018de54f7905ca1f4c91a"
Age: 2776
X-Cache: HIT
Connection: keep-alive
Content-Length: 12462
x-amz-id-2: B67G39YgFKpvrC645pihVBl1AX1vlPVja2qFeeZXt48vLCujgmSdkCASnIvaosuuxwBOy2HTI2k=
X-Served-By: cache-fra19153-FRA
Last-Modified: Tue, 17 Aug 2021 22:48:38 GMT
Server: AmazonS3
X-Timer: S1629529798.384043,VS0,VE0
Date: Sat, 21 Aug 2021 07:09:58 GMT
Vary: Accept-Encoding
x-amz-request-id: RAATTQM46D98JATP
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 10

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 709A 22 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 07:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 07:27:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 709A 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 container.html Show response
370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4FBA 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23FA 72 KB
27 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame B5D6 24 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCXkz3RNAE9bbtBiVAyN7abcnSJ5VDafgPWeNxj_grDPZwMF5nHssw3aLGsnKX3P-hyKo6G24ZPX4iNlMUb2zkfya_GAU9w-hZQLKDnNme80fvuHaN2-3eaPAXQtsFxEg4zII-V58Vxs8eKA_7Lgb8oPTNaw&cry=1&dbm_d=AKAmf-ByPWCbneVL_cMn-FMT9-yRzNVwNuGtw0Dx9HpMOxREttgxDsm_Q2g6cR4o7b3aTU4BjFGPVjS7UPzbcZgxP6uxekL18MA51uQX19OntB96qzvJ36ja_qNRZiCduKQZWg_xGr5aU_waEwR8Js0jO6buRKeJWVleiEzU-ZJEaUC0_orOqLiXlYFMzuS62jAWZFDxt6-qjOYzxXTalPF-Pf8jcEanv9_sWWxb4HBlgGpbL190ij_gb_A12JLcdPJFKsVlxxhOVNsJ9GhuIB7ZyCALGZeco2Xo2ixgDPb5xugoHW5HSmPp770w3kkrCIXkWgL-zL1m-CLaUdDBuAFSQ8-82kr9FFHlv0q-ZNjNTU5dR1KfQjuTbs8RKf1XAkRgboQQp92uyG152tYYg6erbEpnI8o2MOA4r4kBGvb6-HCxMRklhPucNI1Y7UAfcCg8UVw1hVdEUE_FVG5GJGwshPNgMDta7S1oysm2CoLfqN9dPQZIF-vFNsQuzfS2TV-oXa94qQStRv9zv-Gn8mGuHgk5qRJInttbJQVMPbhDWI6zjQlnyyRUlktogoTuJ3hh44k4ORM1XtDQt0bAM1iaHZSTCGq2v0gNRMhTj75HjAV84pKfGzD1m1owtUJZg6Amfl3gwpP0YTlp7vSAdslxeYbStqml7VTt2X8n5VmtDpaZwGtHnMJvRK2_BfTAG4eIvg1a301a2mRfZ1yKQnlu-KZPaIDgy_weFxrMt9JHYHqTzEUnz8lbXoBpPMCjV6lkViBICFSVtgSAd3D3SqyGWfDDIjndK9fuUjofYayny1_Vp5wR-RELgeHMmZ2brQnDK93ySM-7atZVwXWOoWnjr5jvJFmccfSXqwlwaqh-1Sd58YHZgIbtT8uPmh2vYY-PjH-Bj0wQup6ffAV1Yr4wckxxb2Dk7PqykBnKSRfbqnrGj5W9fF8ckkLX9v2lO8guArUmJtz1ihgZFCiOW0FzimgzW4Vzb-X0hLzzxvOJvb-BxEt_7yZpbSgCyE8qw1umCJmt2z8xlHE1-1d7WB2qExrQyO7SIYK295RxhIHXDxNKPiWQHlG39lfeElMNpmTVTMGFIzuoFPn8N8QD_z1tRo-x1hGjk4uor7rM8o_X3GEwTl4LhJuUBDBE--VSIsgo0LXnLkButjfzKEsp2x_zqdSQnDmOXiKE1EjeCRCV-OikmGCXfwnVL8osBjyCKXcnUrBJwZn9Q9J9VaSj6C_Hidcnf_UUgQLKloED1QHvgDzNczqvPQsM4ohpmgIlKuFEL8nZnmItc5VRv7EjPmlMR_BW6z6su7Djcdl7e0yQFDuoPgMsV1c86_hhL4CvElJHLZ-lt3LTUKR4ylGSS7CeHRtZrM5Za0KBQbbQWbE5G2ORfXyjJkmNKRCERb7Y1WinYQeq00R4zhnFVfaigYLYwEvK5z1d-ipxc_xZ3j5y0QsBZCAHqpNgzAhaz4hSdgwBJLWeiDlPGBV4IV06nroM_Y9SEmJOuhcjVEklNrqCe-5cOSlpbZKn_H0gsB3RTznLMutEYJ7mhQN2Uv0OVevBOJLTzkKNh-ZGMdMmWSaIvqg59xDiEcNxzkYLziKoffssatl77OdBPFoQHfzqkkWrGwm5ilYStG86GpfbIWf4Aw2xzAFW-8sKpACVUZJzvEugVVEDRu4HtkwM4vjUL6htoxg0atHsOFk69tXPiJNUt4_C3l1mre4C0KcSyAYb5oGJT0gc8iRo340hgiWKMOd1gOLOVy9SI4ivZ1TDmGLODXbew8FTU0It7u-DHO_ARe6PQQ8Lh3x9c-A2cE7V5WIPhu4i8hhfqsHK0I_kpCsIDQSlkdKuThw2026or0SEHQK9wIQSWnI7JGl3BX6cXxHpWqzwoSwJ4tv4Pk-Lm2cgtwHEwX_xcfcoTmDq4lnjL_DzvVyozP7lI-5PF_-hEwE4l9VFk0MshOxQmR5dl3zddvly6y8mX6MVjwwzjGZytVpAY9AM61xLZ8qHxiMcSQFvViz5jHNOCe-n6aBthZuT7ymThpzHjK2FCw5JrtEUR3d-nYnTzOHM00s7LzXSBRNIyi6KHKao-r1r9xBtg41AeSw0rxamyLoEbvvU2pJPDEXnGdEzq6w4soKfwzxYEaiWcUlJi1EDmQf7iyt76Nzm5AI9toGelx_juEtthHYeu8zaKyD6fU6vGree-KK4imoD3Wvg9MYG0a6TZHvt0ZO1xsBwhAv1dfpdvQZzxLf8peNhfCxeVj3AdxuyTlWAxIXEg9ucXCWkEczd8bKokQvY-EOIW_lgSGE5JTWDdgdIKqP7lYeY2TujZxfr_937gbq8xrZcA-q0eP7D-nR9kWl6U4JDPcm239ZccQfHXmbIFuGdv_dTLfsXeseM3evFOA4jzHbp28YZ1u_sdU-f9ZBIO-lkZ0B2hvCREEMj_sjr2zN0iQJQTMLuLPXnFvOgcCbin4radgQ8XO4Z24Ei246ys2vNmWzn-g33XPU0e3H-5tFXc2Hx6ePs6u-D7tC404TlPE5y8-E5PH4o7d9sl3nBxMbIVN_-QFpMSTYVc8Tv2kjvDkEjq7f-cKqWuWSv5AoSM-OZ5WmIH4NRU-wJfyZLamKTzcphYDutrWKKy_o8DfAreeLBaapaCw5YrXxMaU-3RQp6bom8PqkKLnNGSfAAxh6o41SsBBCq9cQKqSBvJa2lClEUEHAPjTIluWoVk2KuU9pTRDNqLfxmQ033OLbfJfuI4g7H6uw0Ah4oYEcXI4lqf7934Nmg_sVrr_KhR9-BSzLTglSMSLD9hKhTli3S7gNyUdxaLzjU_5RlxER_rZ9c_2rAlQcTIOKsJx8O94v3l1JW4ZWNPMkA5zCRL6XMtKzGICaZ5hoRuAdFjRnxVXvwoxSEBTyOp1NxXLXnlB--CfKcy_adxmLNTRugY52YR-9T3xw1mG8ewlTi_JD0uKVs6euZxEOcFfJDvVVY945mdjlqnUkmCQL0GWBrenY7N1bEeCKV7gOR6F0sTCBetitKURH0YC-7FgdjH47nvFodOcEFkpsWYpXu6ScM2FN0c0X0Jm0gIB7iOW4gFNkQ2AXav8KBzsA5cBQx3sUO5oE0T0h73ZO0UCfpFMWQZ9rp_3ys1mOqqQ6sqOFiPwoxOJKU9bep1gPyjKISRMwm2lcbj0dWNG5-GOOndYU_1bL0aO6Q_dtcsuI&cid=CAASEuRoA0-pKwQxVfOBmO4ShPPxiA&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:07:09 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B5D6 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:09:34 GMT

GET
H3-29 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 36C9 328 KB
114 KB 143ms
142ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BAF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1&C=1

43 B
1014 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNWqV72EwfnJSxjel6bjjqqQpnFHLAYr7J06SlBqLQfWFIpLbEbqkpEg8LPNFAHCn7G3u4hA8Hv3JMi75LpdnA9zho-EInltZIDe1db7In9o_KKhApyTUC2WcQ7iMsXKP6klD45aXVNd1P1Coi15OgFgS5VBEx397h8n8lMz-ZwAGmX-X2pRttUD92Re9an-y7BHPoswWHaEbfvBe8r3dgfLXB_dmg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 21 Aug 2021 07:09:59 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG7u7RL53caYgoX3tzxmoXc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 21 Aug 2021 07:09:58 GMT

GET

rrum
dsum-sec.casalemedia.com/ Frame BAF1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

0
0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BAF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOYd1zn19OTyGHStJNrppuc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOYd1zn19OTyGHStJNrppuc%26google_cver%3D1

43 B
1 KB

19ms
18ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOYd1zn19OTyGHStJNrppuc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY2smRLzAB&v=APEucNWqV72EwfnJSxjel6bjjqqQpnFHLAYr7J06SlBqLQfWFIpLbEbqkpEg8LPNFAHCn7G3u4hA8Hv3JMi75LpdnA9zho-EInltZIDe1db7In9o_KKhApyTUC2WcQ7iMsXKP6klD45aXVNd1P1Coi15OgFgS5VBEx397h8n8lMz-ZwAGmX-X2pRttUD92Re9an-y7BHPoswWHaEbfvBe8r3dgfLXB_dmg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:58 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ebd5ac38-3ff7-44df-9651-8c035e383cfb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:58 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f8b2422f-be0b-44e4-bdc3-664b65874808
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOYd1zn19OTyGHStJNrppuc%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BAF1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM5MjE5OTU1OTUwNjIzNDc1Mw%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM5MjE5OTU1OTUwNjIzNDc1Mw%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:58 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 86b32952-415b-42fb-a2ac-aaeddb4cdf4f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM5MjE5OTU1OTUwNjIzNDc1Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 709A 0
0 133ms
133ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-gz6o11wMfgZpTcAraN7J-WyJrXBZawxtNsGGaidBKNA17_2bQtv9RqG7dqT9hR5lPssv_6xtcCiDoAJKzmO89MtwKNvN22veGiK-lWlgi3weR8RL0ru-5ee_ehssE5MCkOwbRs2Av7CQadAVJxX2pTX2z9CzndPHY0B7-bWcVqFzc70EqWdWskZ9KwXXgVenixmwq29q2k2WDkQLuONhdx564tl9Iwd5FLtV0wBMzfWP1_e4zcuK6GQfU4jK1c-zgQgIduCTmAvR3UzZq1lZzwiP9wryFSPxX3dJB5ue7arw_FH698sTcbE&sai=AMfl-YTcRuPrgc6OnSdQ_5NG5gGgN1hxcmMZ6SWIR6IDpiUNx4j_YIxNSm7UJkZdWl8FoxXfla6cATHZe22IhOawIRQcXoBULqLCB4-MGqdTBLe3RVzOYctmuwhpS6Uhadw&sig=Cg0ArKJSzFjzqaU6L1c_EAE&urlfix=1&adurl=

Requested by

Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 app.js Show response
servedbyadbutler.com/ Frame 709A 55 KB
11 KB 581ms
275ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d667eb81ed1272cb8be644bb1277bd4a3b2a38adf5a134e68ada86c5414220f6

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 18:07:41 GMT
server: nginx
etag: W/"6116b4ed-da29"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Sat, 21 Aug 2021 07:39:58 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E22C 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 20 Aug 2021 11:09:34 GMT
expires: Sat, 20 Aug 2022 11:09:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7AEB 640 B
320 B 129ms
129ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0wbTDlOjF9uTtl347cAfXANLUgQ2GRHa5I0YzPqO0gfAK2BQL1GYg93b9RL4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 07:09:58 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4FBA 24 KB
13 KB 129ms
128ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFCGwmh7nbYWds0cjaL-WLpF2ACAZ7eBNebGzYFsUXYoP5f-KTheNSB4KhahZGDo2QR2QrchPjAEYWzhDHlsAqN8Ja4rNnl8j4HhuKBUtGBEDHbxHvSprxr28JfCSNf0V32mFHq-oan5V7OI0KjslJHtUzSw&cry=1&dbm_d=AKAmf-B_EkvW6YE06J_fL7bErDsKxNSFvsHfkFzXe6fFiVJnny8BTpzOelkPQln32lYwzeA_2H9Dc2YUbUiMv5MS2Qb0JOkW1Wk9Vip5nSQUVZ1cSDvy3blvW1vAaW-VkIG0sHmRKS6DE-b7kKsM7RZHbXFQ9iJCG_-N723SEin-g9SdJKzOCcaNMiSaP3U3dU9_KIRbzPzBQfkT3FY3JxcK0Bz09xi8n4ema3DZ4aroXAjyfcTaVht9oi2Bggm296YnGDQ41e5ewyXtEYqoJCdE8GGDJ_55Bh8nwbcuxaIPhx1Dr3JHsPs_zHdlvFZwMnzOIke0SauoJu_0yHYM-6hgCvsvY0RYBrLG2ZyizeyFL4bkEXT3Nu3J1P0REOYWmLV3iQc5BetIP_tpNh85f6DTo6AfXt-eyrXCi5alkd0rlTOo0Baue-rrrByGb6ctZ8-aaFaLhz2Vq-wI4rbaAm-3xWM7JsOmP65FnCeN9f9mZJy1ibiUXzwK4ZhhFuT9t3_QDk8ps0W4H22woS8oN-hVdyFhJpbmEk8PZEAGLs8zEpPJEx4RykkYKqat-UmW5d00VCthJtzZF3hlR0J5Xv5fNewJJZm4r_Cl5qphCR26KNscTN9V9GmhO_7Cn14KZ1CZGZoZenCs9bOrunRKjgxfITMw_WomIeogTiM6tmzWyaJt7zpWZbvLcTbo5LRd6MRPfE4yghqkBBmFK1p5dmnhRMDNR-vzvQL4olDMjJTnWoVxaNEEDO1RPWs7Ml-W16l_FZeR2pKi_jcOEiqr7vMz5oKSpP4Weiulhyk-iv3rEJYnVXv1B0SYTMd2yUzYsZKlQ0M2-RVB4EDnJUBtqlbvcZyvNZ5s9ykK1Ne461eCpd4GFIeprGdki0ZsMaHHdA-dOfTSU-Ph5EZzj-77BSiOHILHSF3ALoJdkNhP9mdeN8dJDvex5mtQOxLw5-xeKcuR22TgC6eSuxMEq0JqMWRa0__XwD7zOoGEk1mYcQwWiQXu-v0HNMVSZW0LLcUhDZKZngTExgw_uBoLwSPyZnkl3-vBIBHYU9q3M7frwOduXJiYpxdj2Q3awu8UAmtzJva0GOl_KMJKxo4jnDbkgVecTdsiL3n1aGLqcP4LLE9GPcEKTJhi-IdiKe2cJSwQwUfD30qaELnWeEmZ3D-jIsk20Q6o7cRbRtInf2mUB57ws6qvhAsuWyPBZ4M9ehnk77kYxdSQgRHzSuvuXZkRDDQw83bgI3EhzomsySBoHwYkoMHnDQO4F97gFIQqQnRNA1J38zSTV9p15fII_5PF35OsnwGuFXszrjgeImsziQXgDHKiwA82RoLsGSqXmiD7tT7aRSd6C905vnZveBUczm4uY8FGaLSdMCmeoBG9hgH5bYumMnYqmUoPv6BbLVgjlapOd_lzzTt_2okWH7Oy5GOdEANxTuKYy3iKKWVlm4XrsVsGc5ULm-bVW-fyKRZ679Ptpwfoyh1Rk4YiTRJh5q4yuh8w4GH_OIBh5QFCEtRZ6POk2HckN9pk7dfFQMsjRxml0LpUYGdefd-R-gEaQQWeRuVhhE4XdCxCDvFJq9bkDUjve1I9UGqKGQPbPSJXpz0kv1gBCs_ko50fitk4RECOgp_ahq3vB4nHRQuFM3RG910k4ZujJDDpJWMo7mqtLIVeqHzXi_ba8SJQ-1YJirBuSixLj3bFCns0WNRemhYPLezMVG1dIpE1lKg3uxlRZN6Di04LnQ9hShkjkpBF7sJSThM9gG7Btk87__vYoJNPfdAuuk4UBzRxGooqfL2fYg7bKnswAOPV8B34TAy1dao9fT5cRpT-iL-2le-8IC9qW8R5C-DtXI8b42Cs0E5XEJNIvM-7t72dyuDY7_Ord-mWkN0mEXOpiB8sPei47zdPV2TcgGa_hAjcemsfvz5qkli6jDCAzmGWNvpEor0-JMKAe8iZ-wFHxgNmUNVEptDcCTjsudTmwWI4NjZc5Mn8djwn3tLNTdEus2lE-emcxLwzDbzzLYCeLao7TRhY4Dt28oEXi2JIRf6UjMEJcWzFIRhfFW7MWChA_D8eeFTjr2qrmU3yPlcchslVMzJG14tuQxjLdkBLHuByvKrW8a5cRgvuhYtJCusm3NdQZpP4KkNyHn3XKltyYGU2DZi2k4kN_tS0LIyqkWz1eicnu-svXn4aVBcBdBi_uL0g7q-JPADFYy0ihV-wNa9HshSok1Sb4g_4kxGWU6bNt1u0D-GAZjwIVXqaJUOLZq5_qWP1OtitNHWl4rpl4gfMqfpIxG-ixV0maU2YhMBkUMc5c-8bYXGxeKeCNai46pt00AsVU6ouYFUkMAlfez_C2Vd5pdglx7aIsh5Fyfn5ZajLe-sDQKugbSsQ-YCbOSyIJQqU2c6Jt9FqwcFRStKlCKjk83wlEj1fQ8NpDlMh3pHE2aGrDJOpD-rTvEYV63Gc1VKCwEDpBv3Gd5cqeS8jOOzFDQ9MwZK8SFkXSDArJ5HfEGTWd7jK-NgnPNZlhMCt5LrTdzV3W96xHvZ_bXfRddyYAGYyyWBz0cvlxs9LCtVfMIy6Hn28raMW_w_mcWnA55ZXbi3jmu35F9BgU6jlYnyu1JJjvZXS4K0d6zw-7Tg-J4uF-k2vQ5T03_JYim-gk_447D8eVEWKCX3iajlikulaaCtdmXx9uBn_vt78UTQFp77Z21wK-RVJuFvEQZpaMhVDW0Vted3jkTQpPxOvn_WcllbJULMYG6LlG3zK4l-lrgY4KxNtblVlSjxDUQXXF9YL58RTqYgkd3o5OseOZOlE-wvJJzXJOTOEWLZl3HqRG9xBa7LwVpQqTsBpLoeURpsZJ5BM2HAqGk-wRu6EfXxE3RAAf3-XFqTGR1s3XiRyYJ8Z4H0LcrnqVCc_KHT49BsraFyHGOyJ3tvCvWMdT55dHpL6h0ywuOpcV_oeF63uvHVUOrTV-krovzAqkuXX3VUPxTL82yMz0HgLnKfzMwCFwuHyON67UjDeB0cSwpBDNlHt7qlpwDlpIOazOUnj3eeiKde81FUroZPRasgDMYdOP2gCOTFAXXNiH51cnxGPBzOQva7H-IUu12PS6-jDzAD2Ij34yLrBQ3AtdKGjClYZrpbfagfe3qeMOhQalpbIudGK-1kxQl_cEQzKAAYsrqIST34KuQTgWSAEC9BR0dVAOos9gKTUmvBgZdI&cid=CAASEuRohWf2q64xqbLQpwnCo92Uaw&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ea9a79a34edcc8e07ef629cb2185cf0b242f4a33c75011b5a7c9d585dd09e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12881
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FBA 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACk8ZmFUDjfQevWNvxharvaqOEqwo2DbFLL1FrMWwSJpleTvqvMxtg6YhXSCJsUSIr4kg5wEJlETEF9RX6TB-NDLtg61cB8bEhlCv3aFYVK958Nhc

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4FBA 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:08:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FBA 124 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4FBA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:07:13 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4FBA 0
0 25ms
22ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgBpBmJNZA8oJL6EQ2h5Wp06vi2ch9pZT2jdG-4KlXVH1tBaH4F2po4Jd_hs3e1kooYPgYBIHwiC6Tu0SN_lGhnPruYw
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ihaaer67pw2u Show response
hal9000.redintelligence.net/zone/ Frame B5D6 11 KB
4 KB 726ms
40ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ihaaer67pw2u?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D
Requested by: Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 2d91b96b2bb9a2a1ff7c0c3250cb5854a0d3ff1118ae2c68bb940538ca765e10

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3927
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 88b48cd9-e40a-4c18-8297-ecf618708ada.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 709A 51 KB
17 KB 18ms
14ms XHR
application/javascript 2600:9000:2190:5000:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/88b48cd9-e40a-4c18-8297-ecf618708ada.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1a2dbac6703072221e5f364d332a9c6fae19f29effdf189d2d43362f5a75a650

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 04:26:47 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 9791
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: *
x-amz-cf-id: fQGpFDgzb3U2G0j5PXGM6m3YGk_sQAy-znEvg8S0jQ0gAPl-w4Iydw==
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame 709A 42 B
132 B 119ms
115ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=442049&referer=http://www2.kusports.com/
Requested by: Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 709A 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4baea0ff7a6b0b8e98747039a503018a774be250e8dc96aa653da2d3b88df7e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 38ms
38ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=kusports.com&host=www2.kusports.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame F36A 72 KB
25 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2649fe7038373ff54dad37ec66375566c9c703a00fd790ae8a62a5d14a2c796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "965 / 575 of 1000 / last-modified: 1629497398"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 25448
X-XSS-Protection: 0
Expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F36A 124 KB
37 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
BLOB 200
OK 0ea2623f-f58e-4e63-8bd3-1950f0259974
https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/ Frame 709A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/0ea2623f-f58e-4e63-8bd3-1950f0259974
Requested by: Host: 4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
URL: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
H3-29 200 container.html Show response
24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D13 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C685 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C685 11 KB
8 KB 34ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc2b3d3b7d318b13ef434f16ba8e3721ea7ffc5eaf062a2bb0ce57abd20a0cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8488
x-xss-protection: 0

GET
H3-29 200 pubads_impl_2021081801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F36A 332 KB
115 KB 31ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118094
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 36C9 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 36C9 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 36C9 16 KB
8 KB 244ms
244ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3419864441397135&correlator=1089840823192453&output=ldjh&impl=fif&eid=31062339%2C20211866%2C31062297&vrg=2021081701&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7337.4_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D44f40e1468d129c5-22737a86a8c800e5%3AT%3D1629529796%3AS%3DALNI_MabbzvID8vuJJOSr11bCiiC-eF3Xw&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529798&dt=1629529798609&dlt=1629529798288&idt=308&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=310&adys=2489&adks=1662649468&ucis=ifpqmkdibv2x&ifi=1&ifk=3024563297&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1107175217.1629529799&ga_sid=1629529799&ga_hid=1452727441&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9385acd7cebb8c85b4def734c446db3d06c06da9ff0d09f1d46ae010ce2b7b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7790
x-xss-protection: 0
google-lineitem-id: 4482205340
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138216220965
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9DE0 6 KB
3 KB 40ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36C9 0
0 88ms
87ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-XcVMPTYQL-yrPiC0e_UsXEDsedbVLqMupaoppJIQduT8zyoXogwuJAmuPmroft_oGxzm3amlf3v_aXvynBLnW2QF89gCh6Enm1upxVspTJNH-YBx40nmZYK_uSssNhNnTwgMUQWRhnbxUb4jKNw4yB4JKZ5UrUGXGw97bz9y4sq_KndlUf4MslwmFB_0oVQZ-2FPQ5n5PsCwIbiRvuJKiXdXGOTmTJTw1lKUNtrHvXINY4sHLyywa1F2T9CunbiWtPjthEOMSpXTi-LZtlTrzG0lTmzk0FO8VKAbpX1Jz5H7hhIYkTHAvx2raQ&sai=AMfl-YQjYF22d31nEu3M1pdNXUcrSyS1NLzMC0vczRKUQlGYPMTqLqM-E2d_lrMKm2zqewxzS9RvHMEfmrHgi64Dj-c29KMHEO1m69VJyyGygl6G6Dr1JRrsRcaKieExuVrx&sig=Cg0ArKJSzHdP8dAl8z4GEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame 36C9 42 B
132 B 114ms
114ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=374864&referer=http://www2.kusports.com/users/josephinecsanford/
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 36C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c04e60055a4ae24aeb5dc2bd0edb02f12f777fc9b745c73e7a33863f65390c9d

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C685 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
BLOB 200
OK 39b1e20c-673b-4a1b-8bed-60bceb664fca
http://www2.kusports.com/ Frame 36C9 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www2.kusports.com/39b1e20c-673b-4a1b-8bed-60bceb664fca
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88D1 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqQHAAPKS8igfD9M4QgRoFyswaS9WBMplkpJlKfi044QzHJkQ2RFqjcMwPJQ5xmkZ0CEJSA7MQ6PDPinb-SmUnPBdaa1EOT_M6XQ_8Drxr5QrUgXSm&sig=Cg0ArKJSzEB9gsBGgDBZEAE&id=lidar2&mcvt=1088&p=421,310,1021,610&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1013277315&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 4FBA 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFCGwmh7nbYWds0cjaL-WLpF2ACAZ7eBNebGzYFsUXYoP5f-KTheNSB4KhahZGDo2QR2QrchPjAEYWzhDHlsAqN8Ja4rNnl8j4HhuKBUtGBEDHbxHvSprxr28JfCSNf0V32mFHq-oan5V7OI0KjslJHtUzSw&cry=1&dbm_d=AKAmf-B_EkvW6YE06J_fL7bErDsKxNSFvsHfkFzXe6fFiVJnny8BTpzOelkPQln32lYwzeA_2H9Dc2YUbUiMv5MS2Qb0JOkW1Wk9Vip5nSQUVZ1cSDvy3blvW1vAaW-VkIG0sHmRKS6DE-b7kKsM7RZHbXFQ9iJCG_-N723SEin-g9SdJKzOCcaNMiSaP3U3dU9_KIRbzPzBQfkT3FY3JxcK0Bz09xi8n4ema3DZ4aroXAjyfcTaVht9oi2Bggm296YnGDQ41e5ewyXtEYqoJCdE8GGDJ_55Bh8nwbcuxaIPhx1Dr3JHsPs_zHdlvFZwMnzOIke0SauoJu_0yHYM-6hgCvsvY0RYBrLG2ZyizeyFL4bkEXT3Nu3J1P0REOYWmLV3iQc5BetIP_tpNh85f6DTo6AfXt-eyrXCi5alkd0rlTOo0Baue-rrrByGb6ctZ8-aaFaLhz2Vq-wI4rbaAm-3xWM7JsOmP65FnCeN9f9mZJy1ibiUXzwK4ZhhFuT9t3_QDk8ps0W4H22woS8oN-hVdyFhJpbmEk8PZEAGLs8zEpPJEx4RykkYKqat-UmW5d00VCthJtzZF3hlR0J5Xv5fNewJJZm4r_Cl5qphCR26KNscTN9V9GmhO_7Cn14KZ1CZGZoZenCs9bOrunRKjgxfITMw_WomIeogTiM6tmzWyaJt7zpWZbvLcTbo5LRd6MRPfE4yghqkBBmFK1p5dmnhRMDNR-vzvQL4olDMjJTnWoVxaNEEDO1RPWs7Ml-W16l_FZeR2pKi_jcOEiqr7vMz5oKSpP4Weiulhyk-iv3rEJYnVXv1B0SYTMd2yUzYsZKlQ0M2-RVB4EDnJUBtqlbvcZyvNZ5s9ykK1Ne461eCpd4GFIeprGdki0ZsMaHHdA-dOfTSU-Ph5EZzj-77BSiOHILHSF3ALoJdkNhP9mdeN8dJDvex5mtQOxLw5-xeKcuR22TgC6eSuxMEq0JqMWRa0__XwD7zOoGEk1mYcQwWiQXu-v0HNMVSZW0LLcUhDZKZngTExgw_uBoLwSPyZnkl3-vBIBHYU9q3M7frwOduXJiYpxdj2Q3awu8UAmtzJva0GOl_KMJKxo4jnDbkgVecTdsiL3n1aGLqcP4LLE9GPcEKTJhi-IdiKe2cJSwQwUfD30qaELnWeEmZ3D-jIsk20Q6o7cRbRtInf2mUB57ws6qvhAsuWyPBZ4M9ehnk77kYxdSQgRHzSuvuXZkRDDQw83bgI3EhzomsySBoHwYkoMHnDQO4F97gFIQqQnRNA1J38zSTV9p15fII_5PF35OsnwGuFXszrjgeImsziQXgDHKiwA82RoLsGSqXmiD7tT7aRSd6C905vnZveBUczm4uY8FGaLSdMCmeoBG9hgH5bYumMnYqmUoPv6BbLVgjlapOd_lzzTt_2okWH7Oy5GOdEANxTuKYy3iKKWVlm4XrsVsGc5ULm-bVW-fyKRZ679Ptpwfoyh1Rk4YiTRJh5q4yuh8w4GH_OIBh5QFCEtRZ6POk2HckN9pk7dfFQMsjRxml0LpUYGdefd-R-gEaQQWeRuVhhE4XdCxCDvFJq9bkDUjve1I9UGqKGQPbPSJXpz0kv1gBCs_ko50fitk4RECOgp_ahq3vB4nHRQuFM3RG910k4ZujJDDpJWMo7mqtLIVeqHzXi_ba8SJQ-1YJirBuSixLj3bFCns0WNRemhYPLezMVG1dIpE1lKg3uxlRZN6Di04LnQ9hShkjkpBF7sJSThM9gG7Btk87__vYoJNPfdAuuk4UBzRxGooqfL2fYg7bKnswAOPV8B34TAy1dao9fT5cRpT-iL-2le-8IC9qW8R5C-DtXI8b42Cs0E5XEJNIvM-7t72dyuDY7_Ord-mWkN0mEXOpiB8sPei47zdPV2TcgGa_hAjcemsfvz5qkli6jDCAzmGWNvpEor0-JMKAe8iZ-wFHxgNmUNVEptDcCTjsudTmwWI4NjZc5Mn8djwn3tLNTdEus2lE-emcxLwzDbzzLYCeLao7TRhY4Dt28oEXi2JIRf6UjMEJcWzFIRhfFW7MWChA_D8eeFTjr2qrmU3yPlcchslVMzJG14tuQxjLdkBLHuByvKrW8a5cRgvuhYtJCusm3NdQZpP4KkNyHn3XKltyYGU2DZi2k4kN_tS0LIyqkWz1eicnu-svXn4aVBcBdBi_uL0g7q-JPADFYy0ihV-wNa9HshSok1Sb4g_4kxGWU6bNt1u0D-GAZjwIVXqaJUOLZq5_qWP1OtitNHWl4rpl4gfMqfpIxG-ixV0maU2YhMBkUMc5c-8bYXGxeKeCNai46pt00AsVU6ouYFUkMAlfez_C2Vd5pdglx7aIsh5Fyfn5ZajLe-sDQKugbSsQ-YCbOSyIJQqU2c6Jt9FqwcFRStKlCKjk83wlEj1fQ8NpDlMh3pHE2aGrDJOpD-rTvEYV63Gc1VKCwEDpBv3Gd5cqeS8jOOzFDQ9MwZK8SFkXSDArJ5HfEGTWd7jK-NgnPNZlhMCt5LrTdzV3W96xHvZ_bXfRddyYAGYyyWBz0cvlxs9LCtVfMIy6Hn28raMW_w_mcWnA55ZXbi3jmu35F9BgU6jlYnyu1JJjvZXS4K0d6zw-7Tg-J4uF-k2vQ5T03_JYim-gk_447D8eVEWKCX3iajlikulaaCtdmXx9uBn_vt78UTQFp77Z21wK-RVJuFvEQZpaMhVDW0Vted3jkTQpPxOvn_WcllbJULMYG6LlG3zK4l-lrgY4KxNtblVlSjxDUQXXF9YL58RTqYgkd3o5OseOZOlE-wvJJzXJOTOEWLZl3HqRG9xBa7LwVpQqTsBpLoeURpsZJ5BM2HAqGk-wRu6EfXxE3RAAf3-XFqTGR1s3XiRyYJ8Z4H0LcrnqVCc_KHT49BsraFyHGOyJ3tvCvWMdT55dHpL6h0ywuOpcV_oeF63uvHVUOrTV-krovzAqkuXX3VUPxTL82yMz0HgLnKfzMwCFwuHyON67UjDeB0cSwpBDNlHt7qlpwDlpIOazOUnj3eeiKde81FUroZPRasgDMYdOP2gCOTFAXXNiH51cnxGPBzOQva7H-IUu12PS6-jDzAD2Ij34yLrBQ3AtdKGjClYZrpbfagfe3qeMOhQalpbIudGK-1kxQl_cEQzKAAYsrqIST34KuQTgWSAEC9BR0dVAOos9gKTUmvBgZdI&cid=CAASEuRohWf2q64xqbLQpwnCo92Uaw&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:02:20 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4FBA 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:09:34 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame E22C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E2D 499 B
336 B 62ms
62ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNULrgx9SXX3BQs-tKADfzMl7eGsB-O25sgchjr3qeX1IGDfcZ-CrRkeZHYRzGWvxaOymtNG0CDkES99i6XtsAeQj1X9PV9htDEfAhEaeReCZZMeqxZvDX4u4gQY7AGlSKjilEX29Dk6YvBHiofeW5HGIY9fAsvY7lnm28UaUw4U94QVsVd-Fjuc4nFKzNfaPunqjjU3f-tyKrvjyfyjCd0t5MJGRg

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNULrgx9SXX3BQs-tKADfzMl7eGsB-O25sgchjr3qeX1IGDfcZ-CrRkeZHYRzGWvxaOymtNG0CDkES99i6XtsAeQj1X9PV9htDEfAhEaeReCZZMeqxZvDX4u4gQY7AGlSKjilEX29Dk6YvBHiofeW5HGIY9fAsvY7lnm28UaUw4U94QVsVd-Fjuc4nFKzNfaPunqjjU3f-tyKrvjyfyjCd0t5MJGRg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0wbTDlOjF9uTtl347cAfXANLUgQ2GRHa5I0YzPqO0gfAK2BQL1GYg93b9RL4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 21 Aug 2021 07:09:58 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7D13 24 KB
13 KB 217ms
216ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_T-JRYIy6be0ymHzahC3LSCa9G0ST_e-tWOMRz0ztlTkBWaUQ0OGnKNbi9vWFG9RCUg04MtynqgAsszDWiKbUPjIxQhu08zPNFUWIJ6iDdS4kMNeFEvOLmOBA77yax_oEDmto6qfB180RK-InlKTevbGamg&cry=1&dbm_d=AKAmf-BvvotvQFbdDkmrfYZ1hQw05kX2IzWyaHzIZqKGsK7HRf7wp9Ysg_fh0h-UmdfbJMQ6K5BuDphlnENcUWIVsGrFG6sFIs50zI1y9U7cFJIXmwGpLFxqizEs04NjZu6QH9ERKpVw3LETzRVMOXdAgGVZPu8x4aFXBOIN1ei1XLbXkys8qoKItdXoNDIZFOHFSqYMTeoCcYTknI5VsQ340rGtCFsbemVhogVbdngQXU9JMSqM28VoQIomlljpnqWfU_eY3kfkCGAnsZy7L3Nkatj_2JoerG6Vi6fIJxct9mw1-67TfqZKIBOxYL5TgE2mV2NaHczIlkubgisI7D0ITT8ahURkjLIspYrEEoTNd1fJJqX2SWHRej8BT9HYghvHotiuN6i92CFqFkygLTueACDovHwCrb8fNXHC0vVImR5Lp13rhhWFLUUcCXnvBtgH76LV4k84gygGuJsqddSv_0koEOR72IhhSiHHzDEgoD-kvuPrRSVyze2oeurOt5Yn2hu-2g-IajwFfnfyo4hAx6Ajy8wET6q6BCfEY9MFQyTTPQ6RBd-cVmypIeFLwl3xYW_mOP0zYP5pdlGcxl3VYuT6OCsYJeA0vSGsHTN64Ra1RXysvWYeUb24XkjSpihD85goUXNzhBhy0D9Kvttsk2WKByccmJVhRN1Vcr1lyjHA8-I5xmVRyrXQ0gPDbK_JCHBAAsFZmzdfLgrmaKLiqdLdT4jSLX1REy56Iw8KZC1pfEyF2FGU5Qe-nbBMU-9R4OHERvhK2YcbG6KaqeqguAVid430WOTsvzRRX3uZH9I2_PbumjXDgike3uqko79QeVaWH0pyA0FaldzMZHzIBSidFGEWBnmMOS0CU1kXIAHbnt3l9-ed45ngthfO3uRjbwCsSJ6WAIPQC8GcCcH_DA36sMKZpjffk7XPV93Seg6gWq0cyyYwNd4xSDaFEDCqrKMbfQlN5awBwaiJVFzk1d4BweCQlWvik7DcdfBI3YD5v8lXME6Wq8K2qRUyHx9ZS_aJ0uTba72YdrIcFENhkIG20d5e34efo06IGZNRZj_sNdmgjkfqmwBFv1ZlSAqfQbdtERQyQe9OBVxWjZQSIXNPUK9RgvsS-S_FCCqMPi6jyc7pgnFLPIBCJePG2-K-rnf2C25U6F1MzFwfI43SexqoWEQobRilaAxx-vAxPVk_xrqdkbWEIiu1DiAEPUEBGxW08UOnmyKUAQRf1FtALAApR5NKwlVk1tlundHMhlDm6hSkD6sqF4cFTL9nOT2YcRnd2tgHYtxBksMo8iOLObG-U41ayNpQXuFelZUZnpuROQ0v1muPkPOlhGiWMAiU_2oQicXHWCY8DEHXKc9KUDnGSyob3TQ39IdR_nGD4EdrXManfkCaRRfpCFUtQrZ_jMiGnmMnNYOc8vdSrHuELFSc0qS-IbjGOaa-o_K1r3psqQX_hb9LUkZFXtt2qaoP7j1Eh5-31YbY6sZ_3j1YpkcOwNOZfbTgK2ZaM7MNHftymmtKr8ydTmq7Ua2MUG_mCKSP502NC9JT5X_ZrGC_dNUd-JvRYsaj4UNZOzYD2SwL73vfKfewjbrIQjcdvUzl0FeQL1MhEKV9nsUAjI1lvLpQw_ly6d27s3XGoIG8BzAx_zRJkbik0SUIe_PmK7t4_6AMXxzJxtOhZk_x-KZ7KoWUYrfP36xQPZkfudYldKYFR8Rk-y7x0gWWlxOWE7OJjFdQL43vUapAucyvnju6cNpObEMV6Qw_OkuNYPMX7OYO8MqDL5O-X1rr4NozYPhr-4-YGwGxyfGos7XgLUl10mD5_A_9ApNlNKQTk_Q56lhTgyQxXVZe0DgTFn_wOxgar9krBoBhGWgPaHNmMWDpbdYW96zFdurEHYe-0gCgkpzNu_qSMPzXA0x2SsqysVwkBIkMW4bzt4uE2UBL2ADxuOefVmXnprrmAl8fPG12qH2yXk6kfE0H3CYmH_NVmPyisSLKK2cZh3iZ0URFuDtnhxHmeI3aGDTVSdXmAf7PIKRqa94-mM2YzNhHphatnuvFVqEg7-iznfGePeefh4RbfbSm_LvtCaYzPrw6HNQWM47icgzoVpJndnDuwpE589FCOvuXvlp371XT1a9rbjJj3t4bFC3QPZav3n3OlynbuNCuM2vbBzpZoFqwRC76rB84aXLVL92_Y7X4HIK1x9Ai_HMrQkszJ-pgFSzKiHPGXnO_JO8M_SDqNGegOW9kn1ageyY0s46yushqPksvPzP1i1f0ydT6nM-_dsmeE1qKuGiMkkq-OwDd1xjGhiwvi0OjzYpgKdKcVKczuqhu_Zw8ascKvv_QRNsI9bjUpVDUwJE-aSAE7cPRDjaVgDu22B2RGbSw3EX4D6Tjc-e7XFWg14MZqiyXucRho7G5_PgX7l0TSI8By0C6PnmMkRnBSQP2AOshcQMtC3DT38F1sG-brf0__Vv0iU7WfCk0_Amc6Mi1jD1jteC5NIW09F6o7BarYHUuXXqVtNEqUJL_rv3i4d8Z-ajnv2zD2x_JHlEQVjY2fB1-OIyC9EwXkXfF4_nRYNQTGVM5Vqtb9HlrOs5Ff8aLCnVvp864LneunpgjiHE4JYukXHQexTip11yuz_LMwpvesNik5Myvrph6RBBX1oFJ4f5zy1PqlW8hVKJJWGWqHSum5GuL3vMZPmaezqsgwtwX4dW-INqvxfAXq8_4MLw5CArrWUPyvF-6l-PdXj5LR6KstPfcWxBQGg2sGuLaqCDQil5g1axFO88BWqTBmvVgk_VcyTKch8H6yHV8ILaw8Nd1CRkgkES-6ZIZ6tMxTTpKqLvL77hw5-QKhYNtiLj8ogVWngjMOguFNzHtB5imRHEvjx5vRPgs5d5Q1uZrTvcDrFvynnFhPiSJj8GUUYhiLhPVvEkcc3VcTfQtGS029_wJNV8fcwPwt6GHgUdcIhClqeH6NPNoa3YR8Z2HkhzUxcOa1_qt6N-Y28L7scdSXxl3PHbj8jYnhtFlGV5eNuJSv5dbjh71-hyvhprv0Ms-ONFuEjF7XzKkO3zsZxye8FQSvTxtpnpv_Y54wLwEmLVtF1rBvCY2ZfMZftnpSU1Ix1CVz9L6ZED2fz7_Qw5jsv3Pml2PS5EeECRu-SIPV0kUPWKo09_iPEl6ilcnvvcxTYhPap2Er_GdccMwpM9wM5gUlZU&cid=CAASEuRoJuOkW2UzqJKJI1jE7bgppQ&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3db2e3e0ea440fdcfcf411886f7727edd7bad9fc08af01e17d1dd175120cf008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12834
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D13 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWalzl23JRi2Fi5at3fXs8XIyO8kCZUDp47NYTozr1gcGGDEuJzQ4u7WhYz0GGzKOvtH-XMq8cRq7PGfX2GoXgazeGmXHuJQ0CrFoDPRx3CoZ54ms

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7D13 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:08:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D13 124 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7D13 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:07:13 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7D13 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTrHdhBvwYyoiGhN5qlROI1v1_-1n2AXKPbJESlbADi6Y5-J4GNQ2nTDavrwR-w862N81_a8-U3XyKHKX4dNCBP3R-nQ
Requested by: Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7AEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1

43 B
180 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7AEB
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkNGJiMDMtYWY4ZS0yYjIxLWU4MGEtMjQzMjQ2MTc2NjUz

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkNGJiMDMtYWY4ZS0yYjIxLWU4MGEtMjQzMjQ2MTc2NjUz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkNGJiMDMtYWY4ZS0yYjIxLWU4MGEtMjQzMjQ2MTc2NjUz
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 7AEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOeXn2rKyZsVAkFWUDS5qQ8&google_cver=1

23 B
172 B

57ms
57ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOeXn2rKyZsVAkFWUDS5qQ8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 21 Aug 2021 07:09:58 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOeXn2rKyZsVAkFWUDS5qQ8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7AEB 23 B
172 B 142ms
59ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNVIZea9JWm2L2eCu8DdrIqeVGdn0_XfSu6gWI2v2r4Sr5mmVifau9NLJfwFLRKovlAsuUwq9y-6K4bL61-d3HeFUVn62JYy2ISPieiwIV-BPkNFqUyNWSmZ_BrfsLYOIXLg33bvx_jS4jhPGYkDdU69ui9CBCxCPgI1B__lH63ncA4mP7nURJs3SsiHONojnLKy-BfCm1R3_jBVniEMbmrXoylPqQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 21 Aug 2021 07:09:58 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6AF6 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B5F 783 B
537 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10c7052706fee828ed043c3d3fe5747abeafb811f863227f5306afecf55b7e9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L/bAak/LCOw5QN6qVVG78Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 21 Aug 2021 07:09:58 GMT
date: Sat, 21 Aug 2021 07:09:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-L/bAak/LCOw5QN6qVVG78Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8481 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 20 Aug 2021 11:09:34 GMT
expires: Sat, 20 Aug 2022 11:09:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame F36A 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F36A 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.kusports.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F36A 16 KB
8 KB 265ms
265ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=141830360301717&correlator=3345863005015392&output=ldjh&impl=fif&eid=31062329%2C31062336%2C31062338%2C20211866%2C31062297&vrg=2021081801&ptt=17&sc=0&sfv=1-0-38&ecs=20210821&iu_parts=8095840%2C.2_7335.4_kusports.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D44f40e1468d129c5-22737a86a8c800e5%3AT%3D1629529796%3AS%3DALNI_MabbzvID8vuJJOSr11bCiiC-eF3Xw&cdm=www2.kusports.com&bc=23&abxe=1&lmt=1629529798&dt=1629529798799&dlt=1629529798511&idt=265&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=310&adys=1061&adks=2741832870&ucis=1lyba4qk9tmp&ifi=1&ifk=2840976753&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=1&url=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&top=http%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=913507215.1629529799&ga_sid=1629529799&ga_hid=211429652&ga_fc=false&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9fde07a5d576fc2edb2396849cd8f16d7d18cb5c7c7e432554bf4b5debb3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
google-lineitem-id: 4482203489
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138216200384
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C49 6 KB
3 KB 40ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 21 Aug 2021 07:09:58 GMT
expires: Sun, 21 Aug 2022 07:09:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F36A 0
0 58ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5OJAUsy4DEu5-wCjcAUrA_eL9rTD4U4dTOHd8r7GCkCrWWdEPdp_W8YQ4qREhyi0AVuMtw-9F8aAF7ZmLk4dzgEJZ2-uaDihSdDDsHxFPwDg4LoZ6R0uda6XOmx2n84z3GetBnVMqqopfcfGmdl1Kg_NNxIhXmCAXlvWMH5tbcXUm9StYw4vjmSH7TxjFJzWbdLEqRg_cDGwN4MwPWREgCJX7137kDy3MEMKQZjWsVhZvTqj93D1oMtIQKeqMAL8h4f0qOEJSOlqrBbLU9Y_2ej7BUGsoIiKAorlSQ8hSpsWMjQ_TdYXD-WbeIQ&sai=AMfl-YQL6S6trSA5SEB0AJ0LqNa4_688f_YLUQAv7Bmg-2JfDTsA1Z_aNldLhX1CAOzzFGdBYIOTohIKvdOdenAXcNe7gUtoAGvEC9a4kYM6mVtvu9zUFUECI9IspHH8QeA&sig=Cg0ArKJSzNsK5BNQXXF5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
DATA 200
OK truncated
/ Frame F36A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e3a046ced82c535e241eabb055f167216023555f6e989d2d148f93fae41c585

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dfkx1snbhmf9 Show response
hal9000.redintelligence.net/zone/ Frame 4FBA 11 KB
4 KB 456ms
41ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/dfkx1snbhmf9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 1e891ad9fb190d8f493649b4467cced4b19b03cc9c81b67382011f7ab7122f5d

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:09:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3927
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 181A 0
0 60ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst75abrMWfuJCc40T8Sx3wLZlEpfjMgu3aTUMzdJSDJHPCOQ-7IagHyrp6bn2UOtbFHOLs9yuxvQcv-1TdYQM_coAQFhWP1SVD1ng0hkGY50FWLZO2yBnbMrz2R6a8nFa-MiVa-EXNwiYRDgzdQW_Gnk78yDnS-qMy3ItCi5gNou4GxbR5G87CqmpZ6WDlYy2hGWXzZx1qkjQ1VqJcVV_ADEBp_hFuGe3_TcTT8bLp8X4c4esoDwsgmpgLSaTpxY1_mnjPTtKf5uMElmRPgAlwkjslYt5XF2zltAibJpA91KMLWKj5cmbBCYEa5DXBw5juXwY1FD6J56pSOVQx3&sig=Cg0ArKJSzL1k8k6B307AEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

jstag Show response
us-ads.openx.net/w/1.0/ Frame 181A
Redirect Chain

http://us-ads.openx.net/w/1.0/jstag
https://us-ads.openx.net/w/1.0/jstag

49 KB
18 KB

40ms
40ms

Script
text/javascript

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 5764d6c4c286ff7fe2021eeee223d22d6d681e62d07d3edf8c6a446c5f04e322

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 17995
expires: Sat, 21 Aug 2021 08:09:58 GMT

Redirect headers

Location: https://us-ads.openx.net/w/1.0/jstag
Date: Sat, 21 Aug 2021 07:09:58 GMT
Via: 1.1 google
Server: OXGW/16.214.0
Content-Length: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 181A 124 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36C9 72 KB
27 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 36C9 11 KB
8 KB 29ms
29ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3154e7201e9596f6ffa4eed85f6111037c7dc4b9b005a69d5a0da3fddd98b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8452
x-xss-protection: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9E2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1&__user_check__=1&sync_id=cbe58746-024e-11ec-ae0e-124172220206

43 B
548 B

37ms
36ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1&__user_check__=1&sync_id=cbe58746-024e-11ec-ae0e-124172220206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNULrgx9SXX3BQs-tKADfzMl7eGsB-O25sgchjr3qeX1IGDfcZ-CrRkeZHYRzGWvxaOymtNG0CDkES99i6XtsAeQj1X9PV9htDEfAhEaeReCZZMeqxZvDX4u4gQY7AGlSKjilEX29Dk6YvBHiofeW5HGIY9fAsvY7lnm28UaUw4U94QVsVd-Fjuc4nFKzNfaPunqjjU3f-tyKrvjyfyjCd0t5MJGRg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 33
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEErQqKPSpOOT6u7_k4DzRUA&google_cver=1&__user_check__=1&sync_id=cbe58746-024e-11ec-ae0e-124172220206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 9E2D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2JlMzYwYjUtMDI0ZS0xMWVjLWE0ODAtMTNhZTE3ZGMwNDA2

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2JlMzYwYjUtMDI0ZS0xMWVjLWE0ODAtMTNhZTE3ZGMwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNULrgx9SXX3BQs-tKADfzMl7eGsB-O25sgchjr3qeX1IGDfcZ-CrRkeZHYRzGWvxaOymtNG0CDkES99i6XtsAeQj1X9PV9htDEfAhEaeReCZZMeqxZvDX4u4gQY7AGlSKjilEX29Dk6YvBHiofeW5HGIY9fAsvY7lnm28UaUw4U94QVsVd-Fjuc4nFKzNfaPunqjjU3f-tyKrvjyfyjCd0t5MJGRg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=Y2JlMzYwYjUtMDI0ZS0xMWVjLWE0ODAtMTNhZTE3ZGMwNDA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 7
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 9E2D 0
446 B 21ms
6ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8481 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AF6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 36C9 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:58 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 7D13 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_T-JRYIy6be0ymHzahC3LSCa9G0ST_e-tWOMRz0ztlTkBWaUQ0OGnKNbi9vWFG9RCUg04MtynqgAsszDWiKbUPjIxQhu08zPNFUWIJ6iDdS4kMNeFEvOLmOBA77yax_oEDmto6qfB180RK-InlKTevbGamg&cry=1&dbm_d=AKAmf-BvvotvQFbdDkmrfYZ1hQw05kX2IzWyaHzIZqKGsK7HRf7wp9Ysg_fh0h-UmdfbJMQ6K5BuDphlnENcUWIVsGrFG6sFIs50zI1y9U7cFJIXmwGpLFxqizEs04NjZu6QH9ERKpVw3LETzRVMOXdAgGVZPu8x4aFXBOIN1ei1XLbXkys8qoKItdXoNDIZFOHFSqYMTeoCcYTknI5VsQ340rGtCFsbemVhogVbdngQXU9JMSqM28VoQIomlljpnqWfU_eY3kfkCGAnsZy7L3Nkatj_2JoerG6Vi6fIJxct9mw1-67TfqZKIBOxYL5TgE2mV2NaHczIlkubgisI7D0ITT8ahURkjLIspYrEEoTNd1fJJqX2SWHRej8BT9HYghvHotiuN6i92CFqFkygLTueACDovHwCrb8fNXHC0vVImR5Lp13rhhWFLUUcCXnvBtgH76LV4k84gygGuJsqddSv_0koEOR72IhhSiHHzDEgoD-kvuPrRSVyze2oeurOt5Yn2hu-2g-IajwFfnfyo4hAx6Ajy8wET6q6BCfEY9MFQyTTPQ6RBd-cVmypIeFLwl3xYW_mOP0zYP5pdlGcxl3VYuT6OCsYJeA0vSGsHTN64Ra1RXysvWYeUb24XkjSpihD85goUXNzhBhy0D9Kvttsk2WKByccmJVhRN1Vcr1lyjHA8-I5xmVRyrXQ0gPDbK_JCHBAAsFZmzdfLgrmaKLiqdLdT4jSLX1REy56Iw8KZC1pfEyF2FGU5Qe-nbBMU-9R4OHERvhK2YcbG6KaqeqguAVid430WOTsvzRRX3uZH9I2_PbumjXDgike3uqko79QeVaWH0pyA0FaldzMZHzIBSidFGEWBnmMOS0CU1kXIAHbnt3l9-ed45ngthfO3uRjbwCsSJ6WAIPQC8GcCcH_DA36sMKZpjffk7XPV93Seg6gWq0cyyYwNd4xSDaFEDCqrKMbfQlN5awBwaiJVFzk1d4BweCQlWvik7DcdfBI3YD5v8lXME6Wq8K2qRUyHx9ZS_aJ0uTba72YdrIcFENhkIG20d5e34efo06IGZNRZj_sNdmgjkfqmwBFv1ZlSAqfQbdtERQyQe9OBVxWjZQSIXNPUK9RgvsS-S_FCCqMPi6jyc7pgnFLPIBCJePG2-K-rnf2C25U6F1MzFwfI43SexqoWEQobRilaAxx-vAxPVk_xrqdkbWEIiu1DiAEPUEBGxW08UOnmyKUAQRf1FtALAApR5NKwlVk1tlundHMhlDm6hSkD6sqF4cFTL9nOT2YcRnd2tgHYtxBksMo8iOLObG-U41ayNpQXuFelZUZnpuROQ0v1muPkPOlhGiWMAiU_2oQicXHWCY8DEHXKc9KUDnGSyob3TQ39IdR_nGD4EdrXManfkCaRRfpCFUtQrZ_jMiGnmMnNYOc8vdSrHuELFSc0qS-IbjGOaa-o_K1r3psqQX_hb9LUkZFXtt2qaoP7j1Eh5-31YbY6sZ_3j1YpkcOwNOZfbTgK2ZaM7MNHftymmtKr8ydTmq7Ua2MUG_mCKSP502NC9JT5X_ZrGC_dNUd-JvRYsaj4UNZOzYD2SwL73vfKfewjbrIQjcdvUzl0FeQL1MhEKV9nsUAjI1lvLpQw_ly6d27s3XGoIG8BzAx_zRJkbik0SUIe_PmK7t4_6AMXxzJxtOhZk_x-KZ7KoWUYrfP36xQPZkfudYldKYFR8Rk-y7x0gWWlxOWE7OJjFdQL43vUapAucyvnju6cNpObEMV6Qw_OkuNYPMX7OYO8MqDL5O-X1rr4NozYPhr-4-YGwGxyfGos7XgLUl10mD5_A_9ApNlNKQTk_Q56lhTgyQxXVZe0DgTFn_wOxgar9krBoBhGWgPaHNmMWDpbdYW96zFdurEHYe-0gCgkpzNu_qSMPzXA0x2SsqysVwkBIkMW4bzt4uE2UBL2ADxuOefVmXnprrmAl8fPG12qH2yXk6kfE0H3CYmH_NVmPyisSLKK2cZh3iZ0URFuDtnhxHmeI3aGDTVSdXmAf7PIKRqa94-mM2YzNhHphatnuvFVqEg7-iznfGePeefh4RbfbSm_LvtCaYzPrw6HNQWM47icgzoVpJndnDuwpE589FCOvuXvlp371XT1a9rbjJj3t4bFC3QPZav3n3OlynbuNCuM2vbBzpZoFqwRC76rB84aXLVL92_Y7X4HIK1x9Ai_HMrQkszJ-pgFSzKiHPGXnO_JO8M_SDqNGegOW9kn1ageyY0s46yushqPksvPzP1i1f0ydT6nM-_dsmeE1qKuGiMkkq-OwDd1xjGhiwvi0OjzYpgKdKcVKczuqhu_Zw8ascKvv_QRNsI9bjUpVDUwJE-aSAE7cPRDjaVgDu22B2RGbSw3EX4D6Tjc-e7XFWg14MZqiyXucRho7G5_PgX7l0TSI8By0C6PnmMkRnBSQP2AOshcQMtC3DT38F1sG-brf0__Vv0iU7WfCk0_Amc6Mi1jD1jteC5NIW09F6o7BarYHUuXXqVtNEqUJL_rv3i4d8Z-ajnv2zD2x_JHlEQVjY2fB1-OIyC9EwXkXfF4_nRYNQTGVM5Vqtb9HlrOs5Ff8aLCnVvp864LneunpgjiHE4JYukXHQexTip11yuz_LMwpvesNik5Myvrph6RBBX1oFJ4f5zy1PqlW8hVKJJWGWqHSum5GuL3vMZPmaezqsgwtwX4dW-INqvxfAXq8_4MLw5CArrWUPyvF-6l-PdXj5LR6KstPfcWxBQGg2sGuLaqCDQil5g1axFO88BWqTBmvVgk_VcyTKch8H6yHV8ILaw8Nd1CRkgkES-6ZIZ6tMxTTpKqLvL77hw5-QKhYNtiLj8ogVWngjMOguFNzHtB5imRHEvjx5vRPgs5d5Q1uZrTvcDrFvynnFhPiSJj8GUUYhiLhPVvEkcc3VcTfQtGS029_wJNV8fcwPwt6GHgUdcIhClqeH6NPNoa3YR8Z2HkhzUxcOa1_qt6N-Y28L7scdSXxl3PHbj8jYnhtFlGV5eNuJSv5dbjh71-hyvhprv0Ms-ONFuEjF7XzKkO3zsZxye8FQSvTxtpnpv_Y54wLwEmLVtF1rBvCY2ZfMZftnpSU1Ix1CVz9L6ZED2fz7_Qw5jsv3Pml2PS5EeECRu-SIPV0kUPWKo09_iPEl6ilcnvvcxTYhPap2Er_GdccMwpM9wM5gUlZU&cid=CAASEuRoJuOkW2UzqJKJI1jE7bgppQ&rfl=2%2Chttp%253A%252F%252Fwww2.kusports.com%242%2Chttp%253A%252F%252Fwww2.kusports.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
server: cafe
etag: 177112232901409761
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 07:02:20 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D13 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 11:09:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 85AC 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1273 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48cccb1cf28ff216e07c484533501c791e75d445a78c51765cab70a7d33b90a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oCDPdLR0zN+WqPdP/Oxu0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

expires: Sat, 21 Aug 2021 07:09:59 GMT
date: Sat, 21 Aug 2021 07:09:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-oCDPdLR0zN+WqPdP/Oxu0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 58F7 349 B
453 B 56ms
55ms Script
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=8429855430&callback=OX_8429855430&ju=http%3A//www2.kusports.com/users/josephinecsanford/&jr=&auid=537971110&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 6f0ef85989f0672278187889280276665f43bfb9bec28acfca3b329f1389720d

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 247
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 58F7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7d2ea8ff2fce035832a62aa177972c5476ea584bb5d862944466aabfc8f4a62

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ;ID=171437;size=300x250;setID=319770;type=async;domid=placement_319770_0;place=0;pid=5504539;sw=1600;sh=1200;spr=1;rnd=5504539;referrer=http%3A%2F%2Fwww2.kusports.com%2F;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ Frame 709A 145 B
400 B 35ms
35ms Script
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=171437;size=300x250;setID=319770;type=async;domid=placement_319770_0;place=0;pid=5504539;sw=1600;sh=1200;spr=1;rnd=5504539;referrer=http%3A%2F%2Fwww2.kusports.com%2F;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d1aec0f91475a9d3eefd64516c068aff487a6790a76ff4b8ac14a52e7a367ceb

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html;charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DCE1 0
0 137ms
137ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDGU7qlaXWILMEoCC2SznRHZYkdJfQlP9iCdz6tDhCnGL55QdSLOSDxyYzBHfRb4YhqUFeUYxWqHT5p4QHpxRF4jLru01JAxh09u1h_Ui-bJns7rJ4Dn-HDeBQoYq2PGO0xUYS-BAPasVxTzbFnxAE0PqmB22r9LoFuCIE6sI8-f1EyC7SHGM-TILtDEZwne1L-02ZDgmL1-YwJEKK5PMraS9WXbmCb9LbM_zAS2LFb00gmjUJOVHb9goMdmeA1TOdPmlY51-jZ6ytAgSv7AYfmi_tRn4h4IGAukdP688KcKzmUiE87QhRDreSvHWWVwzaOXESbEwCtTLwGv5t&sig=Cg0ArKJSzD6kVZkDGF9ZEAE&urlfix=1&adurl=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET pq
media.adfrontiers.com/ Frame DCE1 0
0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCE1 124 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458990649126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38246
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F36A 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3EBB 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 20 Aug 2021 11:09:34 GMT
expires: Sat, 20 Aug 2022 11:09:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dfkx1snbhmf9 Show response
hal9000.redintelligence.net/zone/ Frame 7D13 11 KB
4 KB 1653ms
310ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/dfkx1snbhmf9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2lMlxqYgYZGtBIHT3gPbiorYBrv6hIpXn8Oo5tEK8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBL8BT9B25rzIGjerHEbdFchU2nm-XyWpJByV5X8YYf_bHEWAaJMcLCkEs1oEzv6UB-wld1jGT_9en0p41h-4Drzhl2t7pd43qFW7U9fqF8995Wvh4mTxJbelKRa5p2jgBvRZ9xHt73RAwnnIb4nkqlnHjk5Z7vbe95EtSuZY0Hx6UYljFUuLLW0BltcTpHTIScz4G6H-orheGgAYkJy55q4dAZl53obZqMml12PbQSzlYywgTYjZS0LWGdq_ni7IMgfABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjA4MjE1OTEyMjQwNTA5N4AKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJuOkW2UzqJKJI1jE7bgppQ%26sig%3DAOD64_1Lr_QyCNRB8TjwloGQaHAy9-7klA%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DQ6D7I4SDwUYkrQPNpG7-04sse_yD6Ph-QguTR4Ne0HKgpn_vwRfDIdPkFVgVfXd11_UN1gghqUzp2eU-alVnqxHrp7Iujvqjm4A3TUlKFHAgDEkz-iXRe34_9Xa1w5qBkF00JZzF2y7_KX-dlEFaGrIbuBw%26cry%3D1%26dbm_d%3DAKAmf-CBwTkLNhwvohDC9AkXwyFcP4D0eKf1x5T09k7Ef5cUxrs2e1Mx0kX32xOzP-88eQeKfCtVxoYW1-aQboopWtAfGWBRt90FW3WSiN75wu4klQKp0BUEKbBcVja-DhWFMB7x5qsDWgOJsOvEvrFcKLsHw-ls2Aa4LDJpuxUVRvUjdUOzKQbXDN0Bivu20370v66dC_uiiZMt6JLvKySK1RSa6YFSgk-a34HlQHfE6K9EUm2ea8ZO9IA7i9VFGYbiprTW4-9M5x0r8BLbyPs0I3usHQzEe-hQiz50XgMzc-SuHOCTd3ARsSI138IWu2vXp1j3k3uJFTXdi8KZFDOgAI-B3wZikA4I6MpPUspsRM5u0QlC5spTRbmCD-WB9euhS5dKfKobzObCRCESkanI7r4I7Kp3aNezWw_t4NJ7jDWOIdNyPH8EjxZwiRm9ufi2x38ooL_lLmfZmhuHobSk8FTEN0cTTbWi2Iigo9j8jv0yii8HxmQ%26adurl%3D
Requested by: Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: df8ec000a7d7d3477574eae45ba67bccca2db06390ae5a5dabc026d43e891248

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:00 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3921
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 acj Show response
us-ads.openx.net/w/1.0/ Frame 181A 349 B
437 B 46ms
46ms Script
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-ads.openx.net/w/1.0/acj?o=2105775945&callback=OX_2105775945&ju=http%3A//www2.kusports.com/users/josephinecsanford/&jr=&auid=537971111&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: ecd32eb71a5485583bf1ae1486b871f48bcddbe47c7fd898681a71f215d766f3

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 247
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 181A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ccef46226379c740762a246657a0771b1899a5e970dba9c8846581c0ad531be

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C685 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthopmISzL0XfZIn0cPnYLLIGC-3wBU7JrcM5rNr6B7mY3RQHw2dVhjCIjieTo3cxE4w769-f_HqKrsEjKt9pOccn3YJEv9c9MyyTXkdlxLfsQallab&sig=Cg0ArKJSzOPkDv5p8cphEAE&id=lidar2&mcvt=1084&p=90,436,180,1164&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1542960327&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629529797369&rpt=984&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F36A 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f468984b790ea1d07e142f28767f58c6bad90ea469427dfa19bf0deeac8e50fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8515
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DCE1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e091428a3e077a75d1682f66d7249ed7dfa85829b2c5b77b2c4153d9db2e8727

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DCE1 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEbKSxLEpjZhLCBhHnv567qYMqYQ343EkfZHlwYpReQv0mmGz-oxm0pPbI6m2cVJiAC5ltCOCFbpRCeVfft2U_xvadNZRzmxXF4OSsR2ovXt2ADTImHi-klUb0WbWnIqri69eMy8PLxonGcCAk3ImtLTcyfZNAv24FkADOAi27VQeOppCKm-fpEtaOBFaekqqrebn-EpaXcJfOc5Y9uYZYrZQP2JEGKEs1rafWWXdjaJD1pHQgEFYbOaVJSnao7-QmVcvDWkHrOp7xxuiexiU9pPAy5TVDAEEfc8IGPL_UPXAPaYmE7kAGVcmAdRNhtDSb5pEt45A3NEiMP5Nfhio&sig=Cg0ArKJSzJep6mfdpwaeEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame B5D6
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

587ms
535ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=6275588517658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 22d21b322e3fe150a8db9e8caf72847304e8470712d37e4626f9df51c4db52d4

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29579600032670500628846011693014
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sat, 21 Aug 2021 08:09:59 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=6275588517658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 21 Aug 2021 08:09:59 +0200

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F36A 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 494F 1006 B
862 B 28ms
27ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: e8001091ddb9fd2dc2e2b0abdff2871a848067c4d573d98a9360ee30709004ac

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7b175790-cf7e-4a72-a73c-b663e8d29bce|1629529798
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7b175790-cf7e-4a72-a73c-b663e8d29bce|1629529798; Version=1; Expires=Sun, 21-Aug-2022 07:09:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629529799|mOgeginskin0vNomiygu; Version=1; Expires=Sun, 05-Sep-2021 07:09:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 21 Aug 2021 07:09:59 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58F7 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ8IJuynxONtUf4ZNUT927ad9gMzW9TRqVS8FPqrJ4kvx_U5DdkvZ6soHb8R5hLVd-fMHrQTIiFrbAp1Bfp3JqRx-QylfAockNktvtECom_Uc-phtVv1gwd6JUsIb4zLdxjJNqV0XI0npwBD3o1XcTb_522E87SEJqIgPDq0mRVUeRLKy68Cv3TWldQKPTgC0txLX3biSMrAHzek02m0d_cvISWjju9m697Rpj8-oorl23ishIsmdYFHOm2nIDgW4RiCJuEQ5l6-aDVPC4fF-NQQqjPUot8bM9Jx2fCB8zqeb1LGjbWTK1WCmC40WzEQs0BKynMb8qX_u6_-OyP-o&sig=Cg0ArKJSzHq3pPtdbatLEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 709A 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgtWnH0SwEwMnw_yglR8xKgEcyGJQJ_QD_O9IN-hKXYB8tCac1OHRg_tJB2xUHC5t83sjobBLxWQpTj2IKSRXVM-N8Ffi5UdkeHT_bRtOMiZJGNGb36M9FsIE36f4Z49fo6vRB08RScG-ij0zBtx1_PGQv6SE1LtrEoc2Ro7vYJx_EhDTPwmqU1g1PZxk2DivbRWmC1kA4h586AbhrJUq3fCGGR_RmLHnDu3_MMsiP_ZFfrXnPFbNHigpr2oPxAWuNJJeIBmuSQddmhL2qTWxqhQtRVyW4kq9yrUkcC3tOGcwa1gDx40R4wX4xIg&sai=AMfl-YR73tK_1Lk2Jp4zymZ1GsKuQIoTIkGtUI38qhuXBDxGUZRr9YjRZx0lIfTF2Ls6rNli-LM2_yYw_2Wy6JVM7voKnBmyf3wAMtxn0xTK_GPeZ1kS19roJDK3GtS4DsM&sig=Cg0ArKJSzC7_ZYWK-TxjEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E22C 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Blb5WxqYgYanNEJq-3gPo97DgDwAAAAA4AeAEAg&bg=!trWltfHNAAZvV8FTb1c7ACkAdvg8WqdNtd9kQ-Y9wUTRIWiULZHyQmrDEJ6Jcb38zpHdvaboRn9A9gIAAAFTUgAAAFxoAQeZAtf4HTQ4X9qpDFpLXTKV2bpvJBXWUUmAEM7stFTYqmYh1Ij4z6AeZqyLNa-JbGhZ0ixeFbeiXdgzHAnbRselaAFyYsZof3eUDdzM-3Jlbhos7ak25YihufkKLOUaSMu7-oV4Jv7ZuT2_VOj9_6CsJb_oIfD1EekqcQ3fDAP6S6SAw53RMeY8OwJAfHalSA2k50xUGK21uplSG7i-y_ng2d4UgTq1kheJFjhtZQ0_0RG9OQwsY5NeWojZOE5cAN-5tCcIILHcJgPdJU9aJ7N21vWtgb4NcbWW14DO1nSy3EsVIBMx01j9w5KdD_37paYFhR7ghKwQz0J4hc9GL0l-vkahRtzRGlVcQ2EC3Z-A98wrkz-omDp9PFWyk76PpZo1VP0SL-mm-9Q8ncD2RpzrgxMZBbk0pwSraM8LuQMtiMH1IFBjkpUfQU64hRs9rKLkvwb3cJL4g1yPKpp1gOJ0GjG3VUA6fFGOsrfTL3ZjKz6RrJ-ljAFpds6OMxwM3q4epvUPLmMAYbRREgNPv5KJ282FaKxYWcYDkOT2y4y38jOsPCTMs14bGgVmjX7UJUzD-EfNbbiLz1Wx4CMmulcVMsVXA92mmSj9ioSY068XGWZ8BPAJSawmEjG7sz9CJCBYzhoqe7tshdt9gNPcI4uZaeS0TWM5V97CzXqLmkK7eF_zMsxV5syTpcovnk_bO6cYWJLn4q8oY8FsVNlZjaj8HkN1JNcP9fG5KzRi69xh11DpTer7q-oOrQSRUuBj7ylyf0ohGxEVLFr2kURJh_xkW5iZB9NLIB7KIuz0fuWg7KPx3hmTRacdfit52TGqJp5bE6anogdFplYfYYwXynYQ7-T2iGtkCNcHRQ7pZSahOGyrlNdyswoOUIQh245T9tpGWzHMXnzkL3MPc_E5A2mBTxm4SIYy7TW8kTRy_a1b8u2U2V4lHkP5yEhVSv8doDhNO1BQ2VfS4ix1

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/ Frame 23FA 42 B
132 B 115ms
115ms Image
image/gif 3.20.200.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/88b48cd9-e40a-4c18-8297-ecf618708ada/?rand=798719&referer=http://www2.kusports.com/users/josephinecsanford/
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.200.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-200-22.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
BLOB 200
OK 51132844-4a2d-4039-8172-16811fe9d269
http://www2.kusports.com/ Frame 23FA 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www2.kusports.com/51132844-4a2d-4039-8172-16811fe9d269
Requested by: Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1576
Content-Type: application/javascript

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame 4FBA
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
935 B

2282ms
340ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=9286033183112&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: d25f51b5723e8fd55643810e21e8e797fdc1ac3279e6331fa9448b7602e41749

Request headers

Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:10:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46191500029690300628834011693002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Sat, 21 Aug 2021 08:10:01 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=9286033183112&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 21 Aug 2021 08:09:59 +0200

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 0CE4 815 B
806 B 27ms
27ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: caec87957c05cdbb8e00a40a049cbe56ea700cd6ef053120890cec1501b5ebad

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7b175790-cf7e-4a72-a73c-b663e8d29bce|1629529798; pd=v2|1629529799|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7b175790-cf7e-4a72-a73c-b663e8d29bce|1629529798; Version=1; Expires=Sun, 21-Aug-2022 07:09:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629529799|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Sun, 05-Sep-2021 07:09:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 21 Aug 2021 07:09:59 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 181A 0
0 57ms
57ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc7FynPhTKKcH_l6j4usQnYPZk--x-JNXPNAplgkarL8TmnY7byjrgxYfIgStmOV5g931VzK0H4P7UVfuxpmvGko_FCD7i8_Q8aeOB5JR2zW1CKOROidO72KGR-EIFxj9KXtM3HPMSyOS1HW53KzPm0EQFuv_tmdyP6rzfXZmHoB3hGqd98mFi-MaVxDdklVqP_A6V51cLBn8lggHHPJfCWhVWnSdoiiG4N0IFf65MBqjETunot4AIG3NnUrx4TEI9MAw164IA28wOGnlVQ86GsfueeHMiASUbibaIGmwEpwbcU7mv_gs_OvDyvvWqKHkXtsM302P5zYOaUvK2UDg&sig=Cg0ArKJSzNOoxlfoI31DEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 21 Aug 2021 07:09:59 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4DAF 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32B6 783 B
532 B 14ms
14ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8fb5d5bd19346c62e4ec0fa000dc5a67c81c6c0eddde7bc4dd7c6efb11e7cdcb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uDrBrCrWbCXImLlX4Fpk9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

expires: Sat, 21 Aug 2021 07:09:59 GMT
date: Sat, 21 Aug 2021 07:09:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uDrBrCrWbCXImLlX4Fpk9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EBB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:47:19 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 85AC 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mURpoACe1Mhl8H5

43 B
106 B

31ms
30ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mURpoACe1Mhl8H5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0e5ad42a7c615fafc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=mURpoACe1Mhl8H5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
https://x.bidswitch.net/sync?dsp_id=354&user_id=aed855e295a24345b58b609974d61e91&ssp=openx&bsw_param=e73cc95f-1c4d-417a-9ac9-09c17c284d28&gdpr=&consent=&gdpr_pd=&expires=7
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e73cc95f-1c4d-417a-9ac9-09c17c284d28

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=e73cc95f-1c4d-417a-9ac9-09c17c284d28
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=e73cc95f-1c4d-417a-9ac9-09c17c284d28
date: Sat, 21 Aug 2021 07:10:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=430756923113943313

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=430756923113943313
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d14f3607-22d3-493b-8d05-46c1e0bdba68
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=430756923113943313
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 494F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSERrN0NRVTRBQUJ0Umd0aUV3UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

42ms
41ms

Image
image/gif

52.215.67.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.67.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-67-80.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 21 Aug 2021 07:10:00 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54ae6120-a6c7-4900-8042-deee980c98bd

43 B
106 B

88ms
88ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54ae6120-a6c7-4900-8042-deee980c98bd
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 21 Aug 2021 07:09:58 GMT
Server: MT3 3853 9552a83 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54ae6120-a6c7-4900-8042-deee980c98bd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 21 Aug 2021 07:09:57 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wvB8GpX3LR3Z934SlqdjS830eRzZ9CtPkaPPyG2d

43 B
106 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wvB8GpX3LR3Z934SlqdjS830eRzZ9CtPkaPPyG2d
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wvB8GpX3LR3Z934SlqdjS830eRzZ9CtPkaPPyG2d
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5741604668726927189
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5741604668726927189

43 B
106 B

40ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5741604668726927189
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=5741604668726927189
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 494F 70 B
265 B 346ms
269ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a8bb68c9-66f9-7585-fdea-7e8b8cf5a833&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 494F 170 B
188 B 33ms
32ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkNGJiMDMtYWY4ZS0yYjIxLWU4MGEtMjQzMjQ2MTc2NjUz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 494F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1

43 B
106 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKrBlk0ICs92BUtwyeeTuE8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0CE4
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=018A0C2FFC804A8CA33ED2C9E972E375

43 B
106 B

26ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=018A0C2FFC804A8CA33ED2C9E972E375
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=018A0C2FFC804A8CA33ED2C9E972E375
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 20 Aug 2021 07:09:59 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame 0CE4 0
75 B 1679ms
175ms Image
text/plain 52.43.92.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.92.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-92-3.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame 0CE4 0
104 B 88ms
62ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0CE4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=

43 B
106 B

277ms
277ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ox
match.justpremium.com/match/ Frame 0CE4 43 B
323 B 106ms
49ms Image
image/gif 3.67.233.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=e23aa639-3148-4fef-aff4-f8bd8d80eb09
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.233.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-233-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0CE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YSCmxwADwgOS9gAC
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC

43 B
106 B

40ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YSCmxwADwgOS9gAC&_test=YSCmxwADwgOS9gAC
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0CE4
Redirect Chain

https://green.erne.co/openx/cm
https://pixel.onaudience.com/?mapped=VjHM87CS5t4SgGfQ2e0TXWPt&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=48188fea718063be8cb88a5fd79c256e&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVjHM87CS5t4SgGfQ2e0TXWPt
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt

43 B
106 B

25ms
25ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=VjHM87CS5t4SgGfQ2e0TXWPt
date: Sat, 21 Aug 2021 07:10:00 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0CE4
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8497420421200697376&gdpr=1&gdpr_consent=&us_privacy=

43 B
106 B

301ms
300ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8497420421200697376&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=8497420421200697376&gdpr=1&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame 0CE4
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=d-3i9c9_zKsbnjI8X-ySiQ==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

735ms
735ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: a0ing45n859bt3ao3138fl7ugk8f4udo

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3c7c0e8d-f655-e7cc-cc3d-687e73a2657a
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0CE4 43 B
922 B 105ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/3c7c0e8d-f655-e7cc-cc3d-687e73a2657a?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:09:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8481 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRFQjxqYgYcOhIZjO7_UPvvK_wAQAAAAAOAHgBAI&bg=!GxilGFzNAAZvV8FTb1c7ACkAdvg8WueGWeEKbQhZXFQ_wPwWsZ7m-GhIcHLrAmGXYI4oCucT7zFgsAIAAAHdUgAAAEFoAQcKALNwLcxFsyz-51VJy2mmXXXVsJ5XMYFsq8K6EANg9SYPvRlVHim3OEH1ka7G5hSaVR47xamQWuhHo69URqqwfrqWU4aWRYRqTJQ8eK48M3RMJiuDaXgSRvprTdbJ95lDbywAH3wjo_V1PeOT4xzwSstqMQeim1j7H_s_229xcs5qmNm_OSl7WqUQ6hrfo37USUZanBAZYkpQvYvVicnenw_9xMCvtTbqApfpMKe7XyRWe-rubJkC4VzikJzK9x8fy2zu0Yz77fz1XEtCeivbRngYy7517afDH4usUnwYy3dQ4LLUFvtda1EkT2jG7G-7FemcADtGknddvTU9a3_A1IoIeqAZ6JGRDD1rKefMEiuuLigehEZBP4bNk8XqPzlBMWAKTr1yY8jo_gkl19dOHVOJ9bRjmfUgjx_Lewnygo67DMu7Sg7NbKDHWmbns3tWn2Qg549cbFcub0u70drPtkS4l0fDNlRHzykHkMsPgNy3imKgWZwOeDwfovJEDJqJkOYQQdGYdbuA5UxxlENIiYLN4_Zpt967Mh6ZgjMbWaL98d8NSHJOkhdsNU6A_XQs_7eYBlySCdpMOfAHziy_RmH8Gwh_bCoOeTGEKetDWaH9URF7H8dDUwYKfTQZ0aOOy1xnn4Pm0IB0GEFejawg0hot31sfzmOUrXDaVPqkhqN2thP2ysmZUz8n-mJC3ZjpM1PUoHILpRQcLZZDucUH114bv7mVeUZunP2NkLkLDS7vw_9TpPW_GyPYSKATYyp6O1NGpoIxYxrFd8k8cCL_7gIrsncnWcQbesTmX0VKPhWwbNiMFYr7-xIglsuE6ptkhz5PbE72XAs2m4P7bCgvZTdmdPZNE2ykGMLRp6Zx7F6yYwpSFBBdBpZ7nv9mfw0DCdAM9f1Aomy0JhW47MAXvRKFSoL48mnfk_EaIuuiLSTUhoWDXMcoBGqTMoGXmDFBZTYtZz0dpGfgiDDtj0JGdPJqAA2uZmua-LcZlXrq51bjk1VZkU5DA5sKaw0lOJqXRYmrn3YTx4oxbch4BfO9TcCqHaa-t2qLPCdLe37FJO-zwP8dSt_tdhP1nos3m32kajIh7tLds6fmSZB_suuX9xsqDyvHo-xebOvlqaJm-oLmt2EoQMW1heH6v1cin-CxUl5jKNAHHp8RFRdmIw1myKVxq_m9H20_wibkqQGiDxSi7HGMwHC0vkxvkHQo90JE7z8t6P8WtHlq

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DAF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C685 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081701&jk=3672889341428330&bg=!ExClEFTNAAZvV8FTb1c7ACkAdvg8WqlTm69b_z7g_oKPJddSAj798r66Kmknqp1sHVMx4CEy27HT8QIAAAGyUgAAAD9oAQcKADRzgT06QTPTo4H57JveiMWtuRwphDI9SNf4AWMWt6BfLNldIVf8cZV3DG3d9aOG2fLMbFIymQKaBCZc2XaDHGsId4kcmsERMPKau5TgbKiG3eraZWKQ22LrZWUbxo9sBwaOgyV6JF_OWBMFFYBG80II6_NAey3kFNIicW3O2rECYeUmPMsIdY0KRnzWwZwNFcjF1wLLGTGXb21Lq-bPZ_Pp6kxsUda9iixICko5GgFZwkSf3Vm-Jtc23PCmAgggZIL3N03czHmVuj_Y2OQXtQj0AwHomf4kfXwoc9TD6mel1h1LG3z-mDF4doSchPK52oI8eoXxZ0g_u3QJjH2nr7ZNpPioAR4X47HQX6Ad7HSY6mWd4A_hj8iJ_QylwpWmSObtec89UTz7iELGQN_wkGOqGqpX_-VBuGFHDJ3otpaRKINZj1N3O88xqKzbhHlTEEJrGUkCIJ23fpniGSEgj7cNU351QkrsiUg9EufnMc-80PaErvlQIvQwVLIFIldc1s4zEbhVBAMDrpS1OQt2N8yDLjm359eW-C3fte8Nn9dscxfCWlzBKlK0Norpm21I_KqP86FB23Tj_J4u-sbB62FbCtWFhEzQIOBn0GQwSXi4ni3RrhzoCRZINVKWDiwoKQbV_ivjpKmIJeQgE8xKnGJCHdYg70QXWyTfVdGzZ6t7_migEy7RyuHxiiFl9HT7kXjQMJpaRmfQL1EctFFlbgWb2gxGJU_0zkNn7OgePQqSo2C1bY1Ray7dvbaujkttzqWVk16oHl-2gnU2xWDMjXpXghgi_049LX_lW5k-O1y8wQ0z_69PZ5dqj9Yns6IKS0xBx2dSuekVY_3rfa2XJX6CovhZLJBuaY1OW-fdQO9qRTZcJ9Yg4kMBlCiXfvbEi36v-LQR_Ehpg-WoyobIn9ak1QfJ2Wsqbr0DhirmuxZ7QlzJ7W-XIr-T-ypZ3Qtv_I_R

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EBB 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB_6rxqYgYefLMoeix_APmb-42AgAAAAAOAHgBAI&bg=!urmluf3NAAZvV8FTb1c7ACkAdvg8Wom3aO_B9jaxFNapVHeBGdqZjhdCkScNSIp92DUCrA9-0dFKGAIAAAEgUgAAACdoAQcKAE_fT6cQmlmQhlbC8O7b-dfsC9ApA6LTdi-AIxgdqaaL_C41Nuevx_N_80wrMcycWBMl5G3FuVUU-Fr-fSZQ66BT_VY47SIhY2wgVB4VdkXhmQLo4V6ZL7ONE7UrXOvnL-7PuzYe2pfaw4m-G-fmDBOM7KC5w-YGAVmWdltpKyPX65mLIhcLEUOAGm-vn6sC2tgShovSy4QECvlaM7ARU6rbr6if5biyEZye1a5ihaLIGn4QYG1uJW9VYA7mI0flttNjZbaYjxO4F8J0pyX7I1EIbMODbSEid5Zd8u9Az85kRqRPppZz5Z-YFHjioKK2rWREChB-g8HyGU4RqcDAZere7luubofkwspF5m2rY_w5xJQUomzuWcc29B-9I3-TTmSD808AeY209zlZg0XzH69pfKirUtM-jXwGYejvNLgGWtxuVerDoPTgYdLju-nPA_-mNMAH1elIUklYOoa9uHMf7eOvaSlAjnabdQPQ6oPw7iEhptEAWYJMmYfr5Kgjn10lav9Q4iodOOeKw4wIrscP-LKg58_T65tnzzdAu303S-vfNs8vTiIHpAWntic32tenKr7fFJG4FNJBb8-8aLa8BeObmqX9njoqmqzJ1Xg9sB8opNtSn3Ns5wpY3qcz1t6MoYfXD-gqJerOJhlKHJvbg5ko7sqMV6iHjHu8hsLGp55i-O1ONchyzdwi8PBFt4rzvQ4QIJmDNaNvtyMXlifHvEglpslTTwoOtPB8cxq0D6KM1Frcu9xLejlo-k3rNwLq-fDeePu4RrutAGJV56Uum5CnMeguzEWDGx4rMwyNEG4xLORKGB2IS-BlNhQGxDRunPx3hWD2spoaJBV_ZpV6p9OTn-bj0DyGJ-TC2P2B0uOuI5S8ZUG_I3yDv1m7LGy16PARnaE_s8ONhMsEhpD6S7EBRELP1EZ2B155Kekh0JiXTc_xQldfIvnf5sqHx1Xs3OfW55vIhSc9E7MOUFh3LaQLuoDPlar82ePcwfP0RBgbd9o_ZvT5oWcMgfCvrVd6y2cBOfC8_JCPz6G0yHnWwg8AFnUMsEQR5P-5QfOXP1hGVvq8O14L0o1VSZ4hCK0gCdvnFsYNtnXK

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 36C9 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081701&jk=3419864441397135&bg=!KCulK2_NAAZvV8FTb1c7ACkAdvg8WnV6YUfsq4XBiIscnim2ji44JFqZSlMdssKOnKMfPxacSkdR8wIAAAEjUgAAACFoAQcKAIF-p27vzBz9cA_TAWRpCf48jCh4M_2gy3OymF0iCve_vGkgV7_J17r2xuOMIYFskUxCmZogUTABHl2aeCugrILzQM687JAmuyH-xJNAYa2LZNPUtChDjX1H_ZIpU1t6wo3jM7bVJu6kh4aE-u7xwim3MjYIRS7wW7TcaJKJR19MpiqZApbRISbvMZ-xCXMroiguvyiqxUqggZWh7Q_Qeej-8zU6MLzWcb9ie5SmmUFWGQIdIpvSx0kEDtjWMPic3Qu_1drl4c_dmjXUfwStKcExXsFPfP5PdHXVip6c8R6Y2xedf2n4qgBf5PIurps92wcManlrVm7Vr8pWal3i3IfGeH9jZYCwN-jBlKDz1iKoDUfqdKQ8IVEfl_6cgsr_G5MoubUiSBvTKHdtMtsVCMqfAUe9MYNlT8iz-qOgQXHfBX7yhZZb_aKC2F1olARC4bsUL_xJBYqEeOJM55Izp7F3Nyqw1ZvVHGLWCS6vLyOkfU20Zls2oT847Lgkg4StbKzcaQmwpFYQAu-iVDt84A42DHnCG41e6NcbU5avoyvMmO7JCGDTyTMAb_y_ppuofNH_fVWHTseJjjnayhqyFTkGwai6QCMPzrXFkCoYLWpZc1fD3FU6lffUODx-xhW0-uncivV8SJMZ7IOU44njHOObgJ0ChV8_a9QhQ4lWmBVr-BFtD28PaoGvjjCIg5lr6c_c99BRSeSMZSI-u-VZ4kWJImhqyUmTsVR7taN0wPUGl0OZJfZYWeR0rhtw4463kSKN5INOS7y50Jv2dQSxLYzDZ1kzuwFFv6QGN-Wnio2W3EFp0C6QWlMMVSb-vKkIXOjJKNuNpbo7Wns39-u-XJLkj9_diH-NzyqzYs-afEedHcccmTYeUvs-lawXo6ojWwDEsgjNfCugMPrlSzblmkeVp98Ba4gI-7xrQezP1dLhCIn4aREx4z8Xl2FxIAQLOzi_2JnH-VrqvCDKOThKAC5I801lJax-lADCUcQM3P9_oUGUoH2GxCP_ryk0ICCeSlwyFb8ObF1107eHm0eFnoqHamKFmkOd2eLl2A

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F36A 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081801&jk=141830360301717&bg=!RkWlRQHNAAZvV8FTb1c7ACkAdvg8WvR5Fo-wKqEUJWov99UljlJimKvB3wDHqQJ98PLdqDpFPmQRNAIAAADRUgAAAApoAQcKACEJcooPr1HQiSIqfKPPvxRyy6r1ndQP6P3QU-Jnnm9gJTSZApBlTSK0CkrCah_d4uBFP_2qtaMrMVqo0xB0KqGz1nFIy1IF1VBJHY6BG_rWxWyJjLR2AUmJQZVpI16raHGo8NbDqSkrHzcY0OykukbUsBQxBDHQGH_HiHrvKAdxC3DaK3GRKGZ0hdue3uWvq_cd4KbcqKPLXnXTynGn4gasGU29kGcnAVGWq1yUgCHxPV8HZH7QdXn7NmH0B6LwHRb6K974wNJIPyI8Znv0ySCwxUh-xZUe0eJyS2umiTkjN92MZ1wJ6ub0HyTT-bPg34yp1I5y1U7jU6Xrh-Aw7Qg8d4F_z4yTvMXxXyVJ5skk7em3Px0rPkNcgX4DK0SJBUtxm1cypBbEPqIbe2_iPDdpO3RZx6Iprwez37-3_3f32MeWt8Hy2jpOLzD1_mUsEcieEVU9GoCyokNgq7Cbj5FidFVGM_KRzhQ7dc62itD3YOaKZrLCnazbPKkYEcDbTgBQ6AHVVtgqGJYewYUu0eF5FSK4TQ7aK8h_30gLBclu9W3538_U83cZqw11hbJOBHf--imRlrPHy4EgRHrsUcXBgKbbRmjXcMe53tRvJd37P3Rw-uGYaJs2CtOYb7G55-Z85ZAejm64paX79Q47c9oDaSepQvCzrV0fOz1zzisMwDSac6oKqyrDVL2y4AVcN7hdewfxVPdqoZRzBRHlileUkSiQ9SjSXFQ_FJCZSN6igQXjBF6qTQ-vvMbWMS2fh_Y-fx8eiqN4Tsr9OiiZR_KErKrVnNoGlIBy5CmJNFcbwgFbfKGNrn71vGlBgbq5UcHq12B8AfWHquaM5qqqs-KTggji2kSzPZCKgESVILhYa7KtdvwUXqjc8j0XN2GM5rvcbaoSq4gYA5bLzc74du-TwK1zGQ

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F36A 42 B
64 B 30ms
27ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEw0N8TJtYDGoY5Mnro1IF3F8pxDSFIb1REUI9pv-39FU_A7sG3TmoVJ-ARUDV9cweSlt0ZedLqdcvlhQR5EWqpLRM8h1-vZT1bgSoKHzBMNYdQoZG&sig=Cg0ArKJSzEXFmL5RwW2YEAE&id=lidar2&mcvt=1000&p=1061,310,1311,610&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=0.56&app=0&itpl=19&adk=1786472045&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629529798516&rpt=413&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.js Show response
maps.google.com/maps-api-v3/api/js/46/1/ 87 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.google.com/maps-api-v3/api/js/46/1/common.js

Requested by

Host: maps.google.com
URL: http://maps.google.com/maps/api/js?sensor=true

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 18:54:05 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Last-Modified: Mon, 16 Aug 2021 20:40:52 GMT
Server: sffe
X-Content-Type-Options: nosniff
Age: 216954
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 32231
X-XSS-Protection: 0
Expires: Thu, 18 Aug 2022 18:54:05 GMT

GET
H/1.1 200
OK util.js Show response
maps.google.com/maps-api-v3/api/js/46/1/ 289 KB
89 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.google.com/maps-api-v3/api/js/46/1/util.js

Requested by

Host: maps.google.com
URL: http://maps.google.com/maps/api/js?sensor=true

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 18:54:05 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Last-Modified: Mon, 16 Aug 2021 20:40:52 GMT
Server: sffe
X-Content-Type-Options: nosniff
Age: 216954
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 90584
X-XSS-Protection: 0
Expires: Thu, 18 Aug 2022 18:54:05 GMT

GET
H/1.1 200
OK AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
481 B 30ms
24ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&5shttp%3A%2F%2Fwww2.kusports.com%2Fusers%2Fjosephinecsanford%2F&callback=_xdc_._x7qw7v&token=125296

Requested by

Host: maps.google.com
URL: http://maps.google.com/maps-api-v3/api/js/46/1/common.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

984b42bc296ab040a37cf8c333f38ba5cbb3d676a8e8029a8426502f7d83fdcd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:09:59 GMT
Content-Encoding: gzip
Server: mafe
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment
Server-Timing: gfet4t7; dur=9
Content-Length: 63
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame FF46 4 KB
2 KB 79ms
27ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ihaaer67pw2u&nw=20&renderingType=javascript&namespace=bd37d85a6c&subid=&uid=bc9d46d4c5d77ee7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuTfyxaYgYeuoIo-PrATPp57wC7v6hIpXn6bi9bcH8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBMABT9Djwx1yX2CoNwpE8vdArKMEifrKQFpLLXx0g5v6Gts4HxgLcCZY3MqQ8Nyyu1sZffQbf2tJCq0aUHk-wd5OvegmrWWZ65iTdsRqg-lDnZBuIQpM1HFCm9FgdGR17PhmN0ttGDZHTF3FUzyKnxiEKVSiR7i6hnwniri5hYzRk4Y_X9hzTEpsAu0DHyJ_3vgJ25qiHPMVJwR65dSl_ezeSd2EqDdgCe9Sc8slBHRW4JRxzbwbjcEpd3W9lXSoG2kJwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoA0-pKwQxVfOBmO4ShPPxiA%26sig%3DAOD64_3TOadfaYu2SdpILcXo5typ6U556g%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DDaZQl2eqoD_coQtDkF6qj9nc_9zcL53kxf8BLN9VRm5rQShilZ-gXGSSy-bVUco59N9asUyPckIJDpmDqjSyhvSgkcMfAVpEZCY2X8vnAOKahLfPUECq5HNqMcP9Mm1W8RIkDzqF_CZ9xAXoFIOABmUIJyA%26cry%3D1%26dbm_d%3DAKAmf-BqU8UHEX-c7edzjKYckcKSHK0-bQd30cnzauuDO6BPE0OfJfkgOdlMEF2_n8OlCQe8UHdcBDWJ-Y8pZMkmGl9tMT8x9HwTALn_jLuNuAII-LTY12Af2kHM0LYrIc7nwT0_MRTdHprEwMGZmPAb_OTtdm6lQNkDMJR8l5AsM6aHQnaCo6c6j2QB7DB8nL1UEMffMDYAKERQlyQHbBS_nknFPpg-DgTHWyPvoSBIWvjNY_LlE_s5GQfjn5BTPY0uXyPN_MzMFueLgsLK2pWEZgcINBC0oAb9wiKHOJxpOuhMfoKrvXm1U09lk0GqYWU-WfXwGsUlYX395ufbn-nsh3HlUGh2H93eg81320NelERoJYARzA7nHLwzlentebFhxGoLSMdpQzepLEwW5ZrAt2AQc9Zq3-_qYGbo8G8ZS_MyrUhIvGkx6yTPBRl1IV451fUnFwlh-2EcseFiOQbop52Efp6L2wuH_8TTbMog5z8l25mbKxE%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=6275588517658&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 58ac62fab63ae94b6ab9f4c5fecd5074a2c000bbcab8962514a33553a63e5a31

Request headers

Host: hal900014.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6c582eb4d9cbb716
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/

Response headers

Date: Sat, 21 Aug 2021 07:10:00 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 21 Aug 2021 08:10:00 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1430
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7D7 1 KB
864 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 20 Aug 2021 11:56:19 GMT
expires: Sat, 21 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69221
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B5D6 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adea93e655803478bf05f7426a977897cd2e92f59410d0082f95f2e51a82b343

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C7D7 0
104 B 99ms
66ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELVJCcCykljp4a2DTNTxs54&google_cver=1&google_push=AYg5qPI8d60351WtN5gojfZj0qrSO6Zd-HHunV-0LGJOhXjT0r6GGlfY3meN94LTWT-topIT_cGYiriDu1I1IfhBg2EPb0Dxksc
Requested by: Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMwsElIgBXTVJTDO_6AwA7g&google_cver=1&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrK...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMwsElIgBXTVJTDO_6AwA7g&google_cver=1&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrK...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs&google_hm=MDMwMzAwMDNfNjEyMGE2...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs&google_hm=MDMwMzAwMDNfNjEyMGE2Yzg4NjNhOQ%3D%3D

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Aug 2021 07:10:00 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLAD4De024htRtJbkY_mZxw7M6ohc_a82T164yumstIn8rBZ1sLCt2xwf2Gwy69rYZr5Uxq42dHrKnLFPXT__mks-7LQHs&google_hm=MDMwMzAwMDNfNjEyMGE2Yzg4NjNhOQ%3D%3D
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESELfbXD5esXMjz25O9mqCev4&google_cver=1&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0-bX7WbKsRLbDed1eNnnu995T2TE2Fw&google_hm=QXdZVy1KZVcyUkRpbkFjU3k2N...

170 B
188 B

255ms
255ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0-bX7WbKsRLbDed1eNnnu995T2TE2Fw&google_hm=QXdZVy1KZVcyUkRpbkFjU3k2NkQtWlE=

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJIYF-fMHYuNE0JasGFveM8dqptGsXdtFYTUsilGG3IOqtvCEi5T0Y8EU0WpImG0-bX7WbKsRLbDed1eNnnu995T2TE2Fw&google_hm=QXdZVy1KZVcyUkRpbkFjU3k2NkQtWlE=
Date: Sat, 21 Aug 2021 07:10:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENiBkoILR88hDN58OLZSrlE&google_cver=1&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1ND...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6VTdBnGmR3Zr4Rcni9wYdVJmE4g&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1N...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6VTdBnGmR3Zr4Rcni9wYdVJmE4g&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1NDPVfhu2ic1qQ

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=6VTdBnGmR3Zr4Rcni9wYdVJmE4g&google_push=AYg5qPKx4YST_KZamAp46GN9VAZLwytVAX4IV9WJt42ngeY8tBhGWw4HAy_mcmUQCkbngxW_mog4qVb-LaiD1NDPVfhu2ic1qQ
Date: Sat, 21 Aug 2021 07:10:00 GMT
Connection: keep-alive
Content-Length: 240
Content-Type: text/html; charset=utf-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHdivVpIS0Sesvo_knr_TBs&google_cver=1&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCT...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA&google_tc=

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA&google_tc=

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq0WczRafXNFpboCwAJ1Z62x-o169r0pnlWEZJnfpGJQJVO7R2WTss5b9Yf84oacXFnMo2YzByZ18VgiCTkx7jMgHmyA&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEM8DF5vi6bN_TO0KlowYuek&google_cver=1&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6hASGj7L1F8KWvRxEaZ3w2WY1Wl...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YmIzYzJjYTctNTI4Zi00ZDBjLWIxMDEtYWFiODM3NzhhM2Yz&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6h...

170 B
188 B

114ms
114ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YmIzYzJjYTctNTI4Zi00ZDBjLWIxMDEtYWFiODM3NzhhM2Yz&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6hASGj7L1F8KWvRxEaZ3w2WY1WlW-_5gjG4ww

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YmIzYzJjYTctNTI4Zi00ZDBjLWIxMDEtYWFiODM3NzhhM2Yz&google_push=AYg5qPLU-WupJEQVQR54SY1diVPBHpt_ZN2YucvJIlAVaz3lRpk9lPSbwyR8tX6hASGj7L1F8KWvRxEaZ3w2WY1WlW-_5gjG4ww
date: Sat, 21 Aug 2021 07:10:00 GMT
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C7D7
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZd...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQ...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQ...

170 B
188 B

85ms
85ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKFHPZ13iPhCZ1Z_FyjSliuL5wmkBHi2ChREHQod6xo9fnC3XrHaf-VaQxljotQN3YteEZUR3ZLU83RwE9AIp4aPZdUObmL&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C7D7 0
59 B 30ms
29ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxphWePY54_2onbVzrsJ-6HxuqBeQ7IcAYCl0_oNAGovjwQtyz5ByTsfJbAerbQ5eGzxgBmtk

Requested by

Host: 466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
URL: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCE1 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw1UatKcUx6wM5YWdfKuuzptTia8DeA0BKIzRsNGDUlhkc2h8_B8jJ9nTRcdu6yLgsphuKwIBKav4HR4ifb-IryMfCG6llVfnCQ2km9ANcl93XIrRD&sig=Cg0ArKJSzBVROqgJJRe1EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=0.56&app=0&itpl=19&adk=2741832870&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629529799127&rpt=133&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mircosoft-en-300-600.jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame FF46 77 KB
77 KB 1961ms
66ms Image
image/jpeg 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/mircosoft-en-300-600.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 83087bdaf1ca3313a7226475026cdb99d853b3c1e0d235192122c7baf7938117

Request headers

Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:02 GMT
Last-Modified: Tue, 29 Sep 2015 15:03:03 GMT
Server: nginx
ETag: "560aa827-13398"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 78744

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame FF46 0
150 B 800ms
280ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=29579600032670500628846011693014&a=dee8c254&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame FF46 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK request.php Show response
hal90006.redintelligence.net/ Frame 7D13 610 B
935 B 3529ms
348ms Script
application/x-javascript 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=620063c898&subid=&uid=f6f38656dafa33ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2lMlxqYgYZGtBIHT3gPbiorYBrv6hIpXn8Oo5tEK8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBL8BT9B25rzIGjerHEbdFchU2nm-XyWpJByV5X8YYf_bHEWAaJMcLCkEs1oEzv6UB-wld1jGT_9en0p41h-4Drzhl2t7pd43qFW7U9fqF8995Wvh4mTxJbelKRa5p2jgBvRZ9xHt73RAwnnIb4nkqlnHjk5Z7vbe95EtSuZY0Hx6UYljFUuLLW0BltcTpHTIScz4G6H-orheGgAYkJy55q4dAZl53obZqMml12PbQSzlYywgTYjZS0LWGdq_ni7IMgfABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjA4MjE1OTEyMjQwNTA5N4AKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJuOkW2UzqJKJI1jE7bgppQ%26sig%3DAOD64_1Lr_QyCNRB8TjwloGQaHAy9-7klA%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DQ6D7I4SDwUYkrQPNpG7-04sse_yD6Ph-QguTR4Ne0HKgpn_vwRfDIdPkFVgVfXd11_UN1gghqUzp2eU-alVnqxHrp7Iujvqjm4A3TUlKFHAgDEkz-iXRe34_9Xa1w5qBkF00JZzF2y7_KX-dlEFaGrIbuBw%26cry%3D1%26dbm_d%3DAKAmf-CBwTkLNhwvohDC9AkXwyFcP4D0eKf1x5T09k7Ef5cUxrs2e1Mx0kX32xOzP-88eQeKfCtVxoYW1-aQboopWtAfGWBRt90FW3WSiN75wu4klQKp0BUEKbBcVja-DhWFMB7x5qsDWgOJsOvEvrFcKLsHw-ls2Aa4LDJpuxUVRvUjdUOzKQbXDN0Bivu20370v66dC_uiiZMt6JLvKySK1RSa6YFSgk-a34HlQHfE6K9EUm2ea8ZO9IA7i9VFGYbiprTW4-9M5x0r8BLbyPs0I3usHQzEe-hQiz50XgMzc-SuHOCTd3ARsSI138IWu2vXp1j3k3uJFTXdi8KZFDOgAI-B3wZikA4I6MpPUspsRM5u0QlC5spTRbmCD-WB9euhS5dKfKobzObCRCESkanI7r4I7Kp3aNezWw_t4NJ7jDWOIdNyPH8EjxZwiRm9ufi2x38ooL_lLmfZmhuHobSk8FTEN0cTTbWi2Iigo9j8jv0yii8HxmQ%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=2717235132795&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/dfkx1snbhmf9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2lMlxqYgYZGtBIHT3gPbiorYBrv6hIpXn8Oo5tEK8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBL8BT9B25rzIGjerHEbdFchU2nm-XyWpJByV5X8YYf_bHEWAaJMcLCkEs1oEzv6UB-wld1jGT_9en0p41h-4Drzhl2t7pd43qFW7U9fqF8995Wvh4mTxJbelKRa5p2jgBvRZ9xHt73RAwnnIb4nkqlnHjk5Z7vbe95EtSuZY0Hx6UYljFUuLLW0BltcTpHTIScz4G6H-orheGgAYkJy55q4dAZl53obZqMml12PbQSzlYywgTYjZS0LWGdq_ni7IMgfABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjA4MjE1OTEyMjQwNTA5N4AKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJuOkW2UzqJKJI1jE7bgppQ%26sig%3DAOD64_1Lr_QyCNRB8TjwloGQaHAy9-7klA%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DQ6D7I4SDwUYkrQPNpG7-04sse_yD6Ph-QguTR4Ne0HKgpn_vwRfDIdPkFVgVfXd11_UN1gghqUzp2eU-alVnqxHrp7Iujvqjm4A3TUlKFHAgDEkz-iXRe34_9Xa1w5qBkF00JZzF2y7_KX-dlEFaGrIbuBw%26cry%3D1%26dbm_d%3DAKAmf-CBwTkLNhwvohDC9AkXwyFcP4D0eKf1x5T09k7Ef5cUxrs2e1Mx0kX32xOzP-88eQeKfCtVxoYW1-aQboopWtAfGWBRt90FW3WSiN75wu4klQKp0BUEKbBcVja-DhWFMB7x5qsDWgOJsOvEvrFcKLsHw-ls2Aa4LDJpuxUVRvUjdUOzKQbXDN0Bivu20370v66dC_uiiZMt6JLvKySK1RSa6YFSgk-a34HlQHfE6K9EUm2ea8ZO9IA7i9VFGYbiprTW4-9M5x0r8BLbyPs0I3usHQzEe-hQiz50XgMzc-SuHOCTd3ARsSI138IWu2vXp1j3k3uJFTXdi8KZFDOgAI-B3wZikA4I6MpPUspsRM5u0QlC5spTRbmCD-WB9euhS5dKfKobzObCRCESkanI7r4I7Kp3aNezWw_t4NJ7jDWOIdNyPH8EjxZwiRm9ufi2x38ooL_lLmfZmhuHobSk8FTEN0cTTbWi2Iigo9j8jv0yii8HxmQ%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3fdeab47e75875c664500624f625f981908e092e170f6fc56e104822c6d82708

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:10:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 91809500032691000628834011693006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Sat, 21 Aug 2021 08:10:04 +0200

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B41B 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

662e123f7702f0b4859ddaae12f8f89b38013e8ca6d4fe8c86ada4d73b2f77e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8586
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B41B 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:10:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DE31 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96DE 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31d969b208e5049c545a15dad19d0a8ca82f72824ffa2c4d58f6bfbf661f0ae6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FvzogVDKVvYhSuSwrao1Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 21 Aug 2021 07:10:00 GMT
date: Sat, 21 Aug 2021 07:10:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FvzogVDKVvYhSuSwrao1Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame DE31 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B41B 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081901&jk=3759722845301095&bg=!OTqlOn7NAAZvV8FTb1c7ACkAdvg8WkiNYoUFD9jxxWxFEOBZ33jVGL-VPfTtVHtpT6nrUJSGOH7KSQIAAABcUgAAAAtoAQcKAGGuz7rHjrT9eq8ehsh1kTyJ-p_tHexE-UaUplgvE8NdRSXsU43tfi9BrwXn7PzxPEJHmYeCyqH1SOnnoZRz5ucYa6OwEiO5XDiAiWZaNxWP_JKT3QiHc_j-kDoriXzguTYbmQKVCxrUC2ExDb447LsLiuDEob3iZ7noVckgGzk0jZ-T7PexujDYC2cmh57TckwNxmcL9chylwRXNH66mEuLXVudUojaOqUe-u3gRBSWAPdZiECmsaPCXzWcLRN-MbtyB0Rufio9ygf7f3JaaZQXZJjHCaQcLTubxo_iUQUh9F_UQdWNamOGx00IWBnJP6ygU9EJOXaNSf6PEYyjJbmtHJANTQRD4Pe9_0rc65SGaKKR5bA5Y-yJIzlg93HnBs3a3BvRC44yT4F6B-gSYuhVgqWU1BdiBnBubrR0LPBYoZsTAgE4Oo3G92ZXrX_Cb5JHaack2AV99MIKpuGGHkb5PxZF7BZTdpnmbqOGD95aq7BjBP9wAXGkwYJU5LQLFn3kKzsswaMWcEycZd9EUDkIKqrZe7461EcEH1lFJ4a2hm4sXLyDVQVlXwk-CUzKLxQJ1tRdR6DePdL2u3pnxYCrNEjMsCXW-ST_xgOCGd4KwBPZN2S6yOLrmz2PIsEInJ01yWT9bR5ixDN0BFGVlGj7BB51iiYjkyt1DBKGvaK-DTmmTQPFD9nFCcbVDIsbDsysbqwokks5YPGZDYIBGEoZlC9bQUrcc2KZ2PXMrwPl1ne3hWsmmbj_UDqiEqh4AqHQXu4Z39XjmYiFI6WwgeBsUB1RXOCVBwxLV51It0ZMUDMR7Oqd8p9pmKwCvHdwTsN9VtEvS_-Aksp2h-MzM_pAvtcIbUbGFpTZ513Fdz4L25YV3pyP9fqt_z25Q4ST_pudxN3KPiA8M3NBqKm8JRVfkV5Vn0cA9X4Habx8SqEtSSu7veJs0aGFvXCLT_aonDPVES9GYm2TGFe0-wPkC5qISC7yfAiOUCAos0aaAd9Ec-qtvJMYfor1fQ

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5D6 42 B
174 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE0Uf33PXIyzXAbERLcbo8NgovMk2_V1YIKQ_UX9TK8NEqvY_bZY05mQaucbOH7AGRsePkr7stz8jmSpqfHKOZ8JssY_PeMmB_lzM7Bz1KNyPt&sai=AMfl-YTyNTtVcJKRlJ9shrFN8fPscY9sI8_bpaHRJJVKRMwoY_lYoW-fChEt1n9v1MgslDFsbiLC9xNNWL1bniwhG_Ni_v5byDEeMiQEs36O8sThAnO31DzS5ahCQ2o&sig=Cg0ArKJSzHWc4hNqaKlzEAE&cid=CAASEuRoA0-pKwQxVfOBmO4ShPPxiA&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=371969004&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629529797977&dlt=148&rpt=2262&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame FF46 0
150 B 27ms
27ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=29579600032670500628846011693014&a=dee8c254&vb=v
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:01 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 v2ukp8--BLTbwcVAXd2m1T6cKHxe_o2FT_5lm-Np7UTZYl-_D7J-dxVg370A1D33CYOv84zM Show response
butterbulb.com/ 216 B
614 B 340ms
255ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://butterbulb.com/v2ukp8--BLTbwcVAXd2m1T6cKHxe_o2FT_5lm-Np7UTZYl-_D7J-dxVg370A1D33CYOv84zM

Requested by

Host: quizzicalzephyr.com
URL: https://quizzicalzephyr.com/v2/0/toeMSvHmP_4fPO2bOZYY87iEN82c5Cz4OimLjg_YbLj670aB-v2iE843QETaIw-2wkW6Lth0vCX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

c32a0425a5aaca3e034a857df93ca646b580f3ea8837a83b9b818aaa800a6e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sat, 21 Aug 2021 07:10:02 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www2.kusports.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Sat, 21 Aug 2021 07:10:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 65E5 7 KB
3 KB 79ms
27ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=6e06e48382&subid=&uid=fb409a6483662485&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCM7MzxqYgYbyZCJzD7_UPweyjmAu7-oSKV5_DqObRCvAuEAEgiIC_FGC5-MeA3AHIAQmpAjDVE-QdobM-qAMBqgS_AU_QYAPQJhkC-9iPkfpO0NCtpaeho88dvIGzzg5vE2fCjcAk1dn8FwFj8rv22si8R1Cf1Gje1P-Xwh2oiq68iqkg3uZ1BEOD5PuH7uDE2UYDdyDsu2Eof-9NBmRZVMkGiAQQz60SCEykLVakqnrQZ6ckGRMyFHTRu2z0jDTIuz4dad5oGnr1rFcOpkClWQqTfJR-InMe0vZQvIIDrvqtTTIPru2TK02vvHQn_5Z7hIY24tC-HYWmzOB5g0jF2S8jwASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB6qbsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYwODIxNTkxMjI0MDUwOTeACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohWf2q64xqbLQpwnCo92Uaw%26sig%3DAOD64_3skvvU0FV1nQkILwVMRdQmx_vSgQ%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-Duq9Ff2_qClMOSEtOF8ighv6maVSig6o3QkjVMeKHX6UI30AGdEraNKva3Pzsqab49phmo9ARDOgi4URUIDyLvEc7ARrxqE8ZysenqcWDKIabF2RbjCTsriOqGjaNa-8fKnc2QIswhvekHJhhLF8jzaPV9nw%26cry%3D1%26dbm_d%3DAKAmf-D2fmDFn7eCHsYsJfjlUTtiX_4kGt7hd-XG16z2JbrpY0rsiKNIchBsD43aDY_2tP0KAaVaix5QDn8t6QcR7SHLLzXKePaZ6-qHp1YZ8EuKjL8YaVwUX4dBeiVQHf1TcxvfYid312PFQHf4pM5bTeieQvQFIBqG86HI6QX4WUUfNojQ9zEB7HctwOQdRzOQgJNwufImG0HFahVpHKkD2DXgz0r8P_HJPIlPG5j3Yy5RfWc53NQty7V9VH-QneILygarCYmDBmbPxO_5C0dDdSp_r_XO7zbs58Gn6oZFPeFiqN84GfNKfCG8izxiX1F4k5snlxfSGpO4R1Cx9UcGnb6AwnUDn5RPa7EBMHfx9m9HtMH-8ff89Fp9-hdEzM4AxfHjB4v0YHbUVh3r7QEI__Fe2a6DI6QQ4NaOjQSaQKvtsPxFSOBIZKtIQFZngpogqBKR_9XAKyIXUuN8NTlD-EXCkrH3Ge6Mab8vTopuPUCcNpsOALA%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=9286033183112&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: f5de0a94a29afb8b2ff87bec929e3d7f961c14076a4c1e98623ab4244982faf2

Request headers

Host: hal90002.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=e1e78e789029fb19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/

Response headers

Date: Sat, 21 Aug 2021 07:10:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 21 Aug 2021 08:10:02 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2316
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B04 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 21 Aug 2021 03:09:05 GMT
expires: Sun, 22 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 14456
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4FBA 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 874ca1f813b32def0c6593a8b8bd33c5dee86b0a97d290ea680631cca98577b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0B04
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAeF1MZgNFd1BO718kq3Hik&google_cver=1&google_push=AYg5qPKfbjF3vBK1PHuyCvw-AhYsWRlpcgu_vAj1hg_FWvsswKwMJB5bJ1QQg6Xs96tWoQQ0T088GPd03Nl3WWsZViJOGu5HU-6i
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYzODcyMTk1OTAyMTA3NDQ2NA==
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=ODYzODcyMTk1OTAyMTA3NDQ2NA==&google_tc=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEIfavHZ7arJblrWM-YWPBIM&google_cver=1

43 B
407 B

20ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEIfavHZ7arJblrWM-YWPBIM&google_cver=1
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEIfavHZ7arJblrWM-YWPBIM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0B04 0
191 B 37ms
35ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGvZVQMR1GL2xen-4OhxZoQ&google_cver=1&google_push=AYg5qPJoEZMb6jmwbIduAUulSUUITqNAWExsV6HYhtoxwTd2jQQJRx-fgTdNHOrjko-r4GvAVJYHKLhGFlEsRL6GVIyo5kFAcbCm
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:01 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0B04 0
136 B 60ms
22ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHf2JYV0jbJc8M03CUXcPPA&google_cver=1&google_push=AYg5qPIdXK5GOC_GG-vjGegt9Ecachq2R_ukkWE6Hn8CVDT5WOaeT1pFDTVI7iIHBJo4NewmOYOmsHFZriWHC_nn-cX8p7T_UTEO
Requested by: Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:02 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B04
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIjJLpSMx_Ul3cG69OD22AU&google_cver=1&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-x...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1Nzk...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1Nzk...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1NzkzMw%3D%3D&google_tc=

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIYtB7tkqUdLtUg_wZ851QJ3GWo72laMGAFyUh5VeftgpD_IERhoZfTGv6OkcDb4vcnPMUsZSGICeNQG5krjRtjF-xvJ8U&google_hm=NzIyOTU0NjAxNTI0Mzc1NzkzMw%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B04
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RRWS0OcnTzqNqTC4AU3QXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RRWS0OcnTzqNqTC4AU3QXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXwyd6x7GZ1P_RHUquvO1htF4hGV552_CueAM9Ai_ZDjKod3G6o4zXaGI46ozNSo0uO4b1umgUGo35aXYcJycK1rR1qS2X

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RRWS0OcnTzqNqTC4AU3QXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXwyd6x7GZ1P_RHUquvO1htF4hGV552_CueAM9Ai_ZDjKod3G6o4zXaGI46ozNSo0uO4b1umgUGo35aXYcJycK1rR1qS2X
date: Sat, 21 Aug 2021 07:10:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B04
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEK4C2DQG-AThdx43ROQImIc&google_cver=1&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQ...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEK4C2DQG-AThdx43ROQImIc&google_cver=1&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42i...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42...

170 B
188 B

92ms
91ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw&google_tc=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=c2nG1QrHTqaDe_OlCc-1HQ&google_push=AYg5qPLbqOC-HlaZN2k1GPck6I2FfCWSEXrLssKrCxdEGJ58eoxOyMWW7nUPsnRdh7TgcRYJR0g0q7OL1KAaU42iahJKpQKN4zdw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B04
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeX...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQ...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQ...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL43AXpIdmg3JHCSOHhrXsmtYET5PhvNHvcSKoXir46IY08XBW3OwPIOmbBTsRIJ6ap-5c4Zv9Gvp1XnzN-2SZAVeXkXNpY&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B04 0
12 B 31ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4FeF_bYpNkicqIeK_557CFamqBsUxWdmzYN7jA-yZd9GU0__RFpwwUw-luPv5-_BPFm9Oow

Requested by

Host: 370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
URL: https://370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 65E5 89 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 19:07:25 GMT

GET
H/1.1 200
OK 728x90-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 65E5 38 KB
38 KB 589ms
56ms Image
image/jpeg 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90-MSSTORE-Office2016-Launch%20(1).jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4

Request headers

Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:02 GMT
Last-Modified: Tue, 16 Feb 2016 11:37:05 GMT
Server: nginx
ETag: "56c309e1-96da"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 38618

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 65E5 0
150 B 82ms
28ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=46191500029690300628834011693002&a=16456f0e&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90002.redintelligence.net/request_content.php?s=46191500029690300628834011693002&a=c650bb98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 65E5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 v2mccxWpZajNYRxhfJcqvrov5zhTSHRkPhvy_eHCP89yGf5Ek81mdUMFanbZTi9VUafYBHI8 Show response
butterbulb.com/ 3 B
36 B 42ms
41ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://butterbulb.com/v2mccxWpZajNYRxhfJcqvrov5zhTSHRkPhvy_eHCP89yGf5Ek81mdUMFanbZTi9VUafYBHI8

Requested by

Host: quizzicalzephyr.com
URL: https://quizzicalzephyr.com/v2/0/toeMSvHmP_4fPO2bOZYY87iEN82c5Cz4OimLjg_YbLj670aB-v2iE843QETaIw-2wkW6Lth0vCX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sat, 21 Aug 2021 07:10:02 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www2.kusports.com
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 23FA 11 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c128e53b1c1c71606909577244c2c1a21a5cc74bc2093cc923e4ac2f35b1df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Aug 2021 07:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8387
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 23FA 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 21 Aug 2021 07:10:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 779E 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 18:33:19 GMT
expires: Sat, 20 Aug 2022 18:33:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FAA7 783 B
531 B 35ms
34ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

767f78008f46acdd51dddcda8996f7ead8c6bc3bb931d752890df17e451dc3d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MsDMKgipDb76WzndPyuHaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www2.kusports.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www2.kusports.com/

Response headers

expires: Sat, 21 Aug 2021 07:10:02 GMT
date: Sat, 21 Aug 2021 07:10:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MsDMKgipDb76WzndPyuHaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 779E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 18:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 18:34:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23FA 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081701&jk=4163108954001560&bg=!NTalNnLNAAZvV8FTb1c7ACkAdvg8WpR5I50aspISgfxTANeLRFEMmuxOKixK2gsZzB2WVhYG6WxhkAIAAABqUgAAABVoAQcKABoHZm-d1A6NnJ8kK3u6Gdm_vg2J2y5g-tGzAZkCh68SJAfOgW628tFcCDMHvWHkFXhdJGUtdus_SGiHkl-Alhfdo_eYswiyIX7iww_Od5jHLvkj4AYKQ4JPnryVNEcY5_M-zzXMsVb49BG4HoxtQ7iY7vojsbMrmBXGfLvuROHFKQCSjt07mKhBmYufYc2us4T6okFHIGgijTOnvsOkYPNgqExcA95FHk4fSmLo2ImxRqEFdZKYjtsvKaGGg2gQD9-SqYXY2nZp-9DYyxaGmCNhJfzPe4IRC2-o6Gpj5K1cdoLe4-TVpUSI7lxFlSkh62Khzd9Qal4oPg46XORZGGLv_z5JFvBdPOka2YGQkqT8nHqho163OrRUIZYwoASOX85Ke3sctcViOeDvgMRxHdrz5ro2q92Bi7Qv8CvRI3Zv8h81KZLjnconJraXfJ_w2KUUCklXLc62E7MkRsNKnueZjeGHzwuaT4umwDX_zEdK8hTK1pX9o4zy00HNW6UHLIjvssrhsE19REttMc8IBoGTzgqW2u8OlR5Iy7WlLUdl9_sjUZrkDo3SMUvS6CT7ZLnfqqaYfi0cBZTCj__RlBWwOWw5py7Be2fRffZSD3CQgcuV-7Xg7UPYXXjZ3XDF6bfkpxrqoDuiilqK4YOHILGK3ngUK-8laxpmFgsJSUr3yjb2CD0GsSStTpEXfvlUOUJSwH0N-YWGSJ3Q1Y_cOE0_7UOYjRSknBB3OX_1BnCOFLKHYqNcFjHdsrbe1p3B7xzDQfojoVdpIelr-f9UOF35bAQs0Aguz0ZwAqpg8NAMxb6bppVnz4UGv_e8UChmwyH1d_9o2F0puNqxrVNpF-CV5a8jvs96NfyRTw7BamRms0psjlc56wxtzxQLzK9b6Y_-Z6e1

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www2.kusports.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 6D36 7 KB
3 KB 82ms
28ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=620063c898&subid=&uid=f6f38656dafa33ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2lMlxqYgYZGtBIHT3gPbiorYBrv6hIpXn8Oo5tEK8C4QASCIgL8UYLn4x4DcAcgBCakCMNUT5B2hsz6oAwGqBL8BT9B25rzIGjerHEbdFchU2nm-XyWpJByV5X8YYf_bHEWAaJMcLCkEs1oEzv6UB-wld1jGT_9en0p41h-4Drzhl2t7pd43qFW7U9fqF8995Wvh4mTxJbelKRa5p2jgBvRZ9xHt73RAwnnIb4nkqlnHjk5Z7vbe95EtSuZY0Hx6UYljFUuLLW0BltcTpHTIScz4G6H-orheGgAYkJy55q4dAZl53obZqMml12PbQSzlYywgTYjZS0LWGdq_ni7IMgfABJiyoIHGAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjA4MjE1OTEyMjQwNTA5N4AKA5gLAcgLAYAMAbAT2tC1CtATANgTA4gUAdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJuOkW2UzqJKJI1jE7bgppQ%26sig%3DAOD64_1Lr_QyCNRB8TjwloGQaHAy9-7klA%26client%3Dca-pub-6163857992956964%26dbm_c%3DAKAmf-DQ6D7I4SDwUYkrQPNpG7-04sse_yD6Ph-QguTR4Ne0HKgpn_vwRfDIdPkFVgVfXd11_UN1gghqUzp2eU-alVnqxHrp7Iujvqjm4A3TUlKFHAgDEkz-iXRe34_9Xa1w5qBkF00JZzF2y7_KX-dlEFaGrIbuBw%26cry%3D1%26dbm_d%3DAKAmf-CBwTkLNhwvohDC9AkXwyFcP4D0eKf1x5T09k7Ef5cUxrs2e1Mx0kX32xOzP-88eQeKfCtVxoYW1-aQboopWtAfGWBRt90FW3WSiN75wu4klQKp0BUEKbBcVja-DhWFMB7x5qsDWgOJsOvEvrFcKLsHw-ls2Aa4LDJpuxUVRvUjdUOzKQbXDN0Bivu20370v66dC_uiiZMt6JLvKySK1RSa6YFSgk-a34HlQHfE6K9EUm2ea8ZO9IA7i9VFGYbiprTW4-9M5x0r8BLbyPs0I3usHQzEe-hQiz50XgMzc-SuHOCTd3ARsSI138IWu2vXp1j3k3uJFTXdi8KZFDOgAI-B3wZikA4I6MpPUspsRM5u0QlC5spTRbmCD-WB9euhS5dKfKobzObCRCESkanI7r4I7Kp3aNezWw_t4NJ7jDWOIdNyPH8EjxZwiRm9ufi2x38ooL_lLmfZmhuHobSk8FTEN0cTTbWi2Iigo9j8jv0yii8HxmQ%26adurl%3D&documentReferer=http%3A%2F%2Fwww2.kusports.com%2F&ancestorOrigins=http%3A%2F%2Fwww2.kusports.com%2Chttp%3A%2F%2Fwww2.kusports.com&random=2717235132795&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1609904e950fae9abb8ab94ee19689323fd48c50025cae62cae456af824bb360

Request headers

Host: hal90006.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=6c582eb4d9cbb716
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/

Response headers

Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 21 Aug 2021 08:10:04 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2316
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FAD4 1 KB
788 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 20 Aug 2021 11:56:19 GMT
expires: Sat, 21 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69225
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7D13 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5ad1edb93954ca2bd21e431dc25f7af17c03bc65202ed44bd3a41bd5fd92de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dWs2NlV3UlkxTWhsOE01&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6Rhj...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dWs2NlV3UlkxTWhsOE01&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6RhjPCcHJGYrRsRGkL4von6pKEz5nCXL3oFWzDl3h0Lf-CB-QI48kEMU

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-07ed93884cf47b6e0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dWs2NlV3UlkxTWhsOE01&google_gid=CAESEAFglsFCB5RfZVEfv7SbdRc&google_cver=1&google_push=AYg5qPJBoVRkKShipX8t7aHjLotLfSyFm2UxYAa7Ssh6RhjPCcHJGYrRsRGkL4von6pKEz5nCXL3oFWzDl3h0Lf-CB-QI48kEMU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnVF2Z_rP2l5zQXmwawky8&google_push=AYg5qPKihcSsC3jZKIf0IWDv1494Hrzb6-LwXd7uPnzwlmZ6ThWn1daf4M...

170 B
188 B

198ms
198ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnVF2Z_rP2l5zQXmwawky8&google_push=AYg5qPKihcSsC3jZKIf0IWDv1494Hrzb6-LwXd7uPnzwlmZ6ThWn1daf4MvlV_GrGajLbrZMHA_0ZZoyxG3UjC96UWVlVv3HDwI

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1629529804.399686,VS0,VE94
x-served-by: cache-fra19131-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnVF2Z_rP2l5zQXmwawky8&google_push=AYg5qPKihcSsC3jZKIf0IWDv1494Hrzb6-LwXd7uPnzwlmZ6ThWn1daf4MvlV_GrGajLbrZMHA_0ZZoyxG3UjC96UWVlVv3HDwI
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESELfbXD5esXMjz25O9mqCev4&google_cver=1&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK5XIG593yYPsN_jO9U3myh5mgnId7A&google_hm=QU5uUUVKYTlvbFZ3OVZhYUM3V2...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK5XIG593yYPsN_jO9U3myh5mgnId7A&google_hm=QU5uUUVKYTlvbFZ3OVZhYUM3V2J6anc=

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPLNkyi-Vuq9CLPN-8Iyk9G_HEMYKQQqE6VC4-BXyJGGsNdUhQRA1W7fzPZyF2gKK5XIG593yYPsN_jO9U3myh5mgnId7A&google_hm=QU5uUUVKYTlvbFZ3OVZhYUM3V2J6anc=
Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFOSTvY5HDwbQ9I6NXQQRlY&google_cver=1&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGn...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFOSTvY5HDwbQ9I6NXQQRlY&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGn...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw&google_hm=YkVVU1ZzelJ1aVNPem1Cc0...

170 B
188 B

62ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw&google_hm=YkVVU1ZzelJ1aVNPem1Cc0tpVW4=

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Aug 2021 07:10:05 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPJYUAGTai7lMBxD_o9NAbDIS9h9DLV0Gv-WGfLDd5P-wCoz3D7A0tGDy9L62AKi-c1OLMC2aagRHJpGnnB_5H8JpLbOmw&google_hm=YkVVU1ZzelJ1aVNPem1Cc0tpVW4=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 234
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.targeting.unrulymedia.com/csync/RX-e887bdba-2eb9-4635-bb24-038934586fe8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIFXFGtNq-QfD88EMbQx...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g&goo...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g&google_tc=

Requested by

Host: www2.kusports.com
URL: http://www2.kusports.com/users/josephinecsanford/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIFXFGtNq-QfD88EMbQx15WWOc-TS8JB-yF76TwLeHEZqs9d0KMKNPNXv9Sq3OlYcHqEFrTm1KCehPNevlfehfTBTnz4w&google_hm=A-iHvbouuUY1uyQDiTRYb-g&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPfT_KCp9HgsDE81oRw94BM&google_cver=1&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPfT_KCp9HgsDE81oRw94BM&google_cver=1&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00QW9qSnBaRTJ1RWlWSzJ2am9VN2RRNGNhcnhGWUpoMn5B&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQh...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00QW9qSnBaRTJ1RWlWSzJ2am9VN2RRNGNhcnhGWUpoMn5B&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe9oF8oSoI6qZs9iuR4fDbjAuo8

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00QW9qSnBaRTJ1RWlWSzJ2am9VN2RRNGNhcnhGWUpoMn5B&google_push=AYg5qPKkcYdZd6A4UOhgnlBfhwXRXkY6G-94ldXQsnp9ZWxWqJ_wjSfQheoSuZLWa7-a0jlXWe9oF8oSoI6qZs9iuR4fDbjAuo8
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FAD4
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPCio4oo4B-FZEDIGZbAxbM&google_cver=1&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpa...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpaUO-in&google_hm=NzY4MzYyODQ...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpaUO-in&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJEywKJyCDXRZk_Ts9E_CAljlpm08N8qI_CA_scTn4qvWLvOGxLpUNiyf0oguhBvuosBecqvShJT_z15dQ8Y8-ZIpaUO-in&google_hm=NzY4MzYyODQzNTU1NzAwNDk4Ng==
Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame FAD4 0
12 B 31ms
31ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kr67Ft5T6zebZyBaI5EJxvID53ppjxaG9vxdSyVZW4KXvcVlYOLNTwwXI0YFCzSXhlWQn6SVI

Requested by

Host: 24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
URL: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 07:10:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 6D36 89 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 19:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Aug 2022 19:07:25 GMT

GET
H/1.1 200
OK 728x90-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 6D36 38 KB
38 KB 162ms
54ms Image
image/jpeg 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90-MSSTORE-Office2016-Launch%20(1).jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:04 GMT
Last-Modified: Tue, 16 Feb 2016 11:37:05 GMT
Server: nginx
ETag: "56c309e1-96da"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 38618

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 6D36 0
150 B 331ms
58ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=91809500032691000628834011693006&a=54f21d5b&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6D36 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D13 42 B
64 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspe9cQEfUD7b612zvMeQlHhpnCj3rOJvzxSAIq4ot7mksIgPhcUmcCd8ZLuHXM6fAW0B67LBgQKVFV2Y5bJWKuEg1Po3IBvSUqlm3H47HsrWOP&sai=AMfl-YQrVfAdYEnafL2sDGIBjbkBG1DEKbsRw3hIIey7O_lwq6oAMZzx2aFq-AH6XrtPRhzVHkc4Kn27Rzih3iiccxJiVWk4IqPzIL8LW0WLRStZyIo4MBa4s-F4gmg&sig=Cg0ArKJSzDb5h5I1tuaGEAE&cid=CAASEuRoJuOkW2UzqJKJI1jE7bgppQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=933181869&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629529798556&dlt=102&rpt=5828&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Aug 2021 07:10:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 6D36 0
150 B 1599ms
288ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=91809500032691000628834011693006&a=54f21d5b&vb=v
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame FF46 0
150 B 330ms
27ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=29579600032670500628846011693014&a=dee8c254&vb=v20
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900014.redintelligence.net/request_content.php?s=29579600032670500628846011693014&a=02f85d2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 6D36 0
150 B 82ms
28ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=91809500032691000628834011693006&a=54f21d5b&vb=v20
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90006.redintelligence.net/request_content.php?s=91809500032691000628834011693006&a=4810d49f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 07:10:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

Domain: media.adfrontiers.com
URL: http://media.adfrontiers.com/pq?t=j2&s=1779&ac=19&at=2&xvk=13362417.036762604

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081901.js?31062334(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js?31062328(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081801.js?31062329(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: http://maps.google.com/maps-api-v3/api/js/46/1/util.js(Line 242) Message: Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys
console-api	warning	URL: http://maps.google.com/maps-api-v3/api/js/46/1/util.js(Line 242) Message: Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24bac2d42da8d01b8705ae2442e3d932.safeframe.googlesyndication.com
370c6b992c0aa7dd3a2ac842a80a80e5.safeframe.googlesyndication.com
466cee8c60d200ef81f06585f3c30507.safeframe.googlesyndication.com
4b06f1ec4271cca4fc333408d857ee6a.safeframe.googlesyndication.com
51a6ece29b16f420bcfac8ec06484ba5.safeframe.googlesyndication.com
a.rfihub.com
ad.turn.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b1sync.zemanta.com
butterbulb.com
c.eu1.dyntrk.com
c1.adform.net
cd91c949272e9512194b1eb023734aa5.safeframe.googlesyndication.com
cdn.contentspread.net
cdn.includemodal.com
cdn.taboola.com
cdn01.basis.net
cm.g.doubleclick.net
connect.facebook.net
d2s8wlbatk24s7.cloudfront.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
edge.quantserve.com
eed9815900d665eda5c086a66887158a.safeframe.googlesyndication.com
eu-u.openx.net
googleads.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal900014.redintelligence.net
hal90002.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
includemodal.com
includemodal.global.ssl.fastly.net
insight.adsrvr.org
inv-nets.admixer.net
j.mrpdata.net
loada.exelator.com
maps.google.com
maps.googleapis.com
match.360yield.com
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
media.adfrontiers.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
quizzicalzephyr.com
r.turn.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servedbyadbutler.com
ssp.adriver.ru
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-ads.openx.net
us-u.openx.net
worldonline.media.clients.ellingtoncms.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www2.kusports.com
x.bidswitch.net
dsum-sec.casalemedia.com
media.adfrontiers.com
104.90.104.248
116.202.46.88
13.224.96.7
13.225.87.64
13.248.242.197
138.201.63.164
142.250.181.226
142.250.186.130
146.0.227.110
151.101.13.194
151.101.13.44
151.101.14.49
151.101.194.133
159.253.128.188
176.9.26.250
178.79.227.76
18.156.133.101
18.184.122.71
18.194.125.59
185.29.132.241
185.33.221.53
185.64.190.78
185.94.180.125
193.0.160.129
2.18.234.21
2001:678:cb4:bbbb::11
208.91.60.6
208.91.60.7
213.19.147.44
2600:9000:2156:a800:6:44e3:f8c0:93a1
2600:9000:2190:5000:d:77c3:2dc0:21
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9a
2a02:fa8:8806:12::1370
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.126.56.137
3.20.200.22
3.67.233.59
34.204.22.100
34.254.108.170
34.254.143.3
34.96.105.8
34.98.64.218
35.157.53.20
35.190.90.202
35.201.98.64
35.227.252.103
35.244.159.8
37.157.4.39
46.4.10.47
51.178.20.140
51.79.83.225
52.209.141.213
52.215.67.80
52.43.92.3
66.155.71.149
70.42.32.159
81.222.128.213
87.98.242.60
88.99.70.21
94.130.102.164
012f33ee906d36ea8570c8116543eacf5392819bbb5ef4eb881cff6283636307
015090622f85a98899567e1af638e780559ecee6ac757e2b7fec302ee941b199
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
06192831a43dac617bb42d64a4e83c98ceb7c25203f434f2aaddc8c036f7d239
06ea3f6c711322097aef91b87415a2b67cdacce2b8a08baf5129935fed10591e
083b830df1f0be4914c02cc6d70b7b8c90b64cdc392146adeede388503b30e0a
088af930b2f10323f6fd31263e5977e50e82c36e704e1138ad26966e14ab2416
0a9fde07a5d576fc2edb2396849cd8f16d7d18cb5c7c7e432554bf4b5debb3e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb5eb51c0ee0972c3b2b6ebf6bcb3b0c1cbb7c4c93b0acd442110005c1c3289
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cdfd1d55abcd8bc48f8b30dd402e795d4c9038ea92c3072902f4bf152b2b715
0d35142f32786296129b89d4acaee1ff5201114af38d139b384412fa38777d7a
0f8255be3850044a56c22e52aa672b62f08ee46a5b58bdffe989a32f53a507a4
0fb1fbfbe9d4bc18c5d70a4118433d8c9eb035d292c21b4237d605e12a6216e4
0fc0fbb7321bca17d95d35cbb2bcbc81ac7e78c61a50b2af2ed130a1fe6f1691
10c7052706fee828ed043c3d3fe5747abeafb811f863227f5306afecf55b7e9f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
11881936e5ca1aefbc53a62c35677bb5126d10ed69b15ec00f0904aa05e49e45
12799f0e028306ffe86cee47fffbfcb2d8c7bab99ab331348d6accb79b3ce11b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15cd950fdf0a22946139981c83584014730ea322856de684bbb7b9a638e99330
1609904e950fae9abb8ab94ee19689323fd48c50025cae62cae456af824bb360
17b91841811d67da94317ebd549a5a35e66e380be5a2ca51a34a8139f9a1415a
1979e136df73c0182593b957b1ccb3c6b659c018e3ae61b13f9db6ca3377acbd
198709e2be17bab491d8096135ba1b75ba635aa519c9c69f0272ba98626766eb
1a2dbac6703072221e5f364d332a9c6fae19f29effdf189d2d43362f5a75a650
1b67d92a3588252269bc6cdeca8fbfccb5446d70e0cfcdcdaf78898d815d9c62
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516
1d109a1be178487629ed3fd50fa1431912642bd2682c7d99eda876da6cb18d37
1dc57ccb0185b12c29636693a4f836ef153ce4091e9940f405f12d2f5dfdfb8f
1df7bd13d940b25dbbab25924a720382e3d792128d3cc98218aa15a9d0611a4c
1e4fc0e49ca2874111d918ccc54573eccd37e2e64ef60f2eed8b5ed71746590e
1e6d070b6dfc55e901e9280547ca443bf3089030043408df167cf7ae5b1025c7
1e891ad9fb190d8f493649b4467cced4b19b03cc9c81b67382011f7ab7122f5d
1ec1b64569213e566a1f2e7f414d74ce31fa934122c5d9e027edb3c0e5dc0ce6
22d21b322e3fe150a8db9e8caf72847304e8470712d37e4626f9df51c4db52d4
25049c305b208bde887cde10dc3fe87d0e39d98d7f126acaa42338f2fb51cb6a
25448d726b855b27800bb52df8df45a1683ca45cee9b667379dbc08270bc9846
26e2c6e5dcba43026ac44b78c9c73bb51d099a786ca808c9a2061c3ed81625e2
2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb
2d91b96b2bb9a2a1ff7c0c3250cb5854a0d3ff1118ae2c68bb940538ca765e10
2de1199c3f4b43870dd853793aa6ebd07891d22cff529f70af2536686c28e2cd
2f9c35e984c1b63a7e6b13f07d6afb5d8335a1aba0e382d7e0c66e23b049de68
3023b8c8a44629993a179f9b49e46244f8d9ec755e3068d1532bb48c0235ecd6
31d969b208e5049c545a15dad19d0a8ca82f72824ffa2c4d58f6bfbf661f0ae6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34983bb02be1afc41c4bd28a7bf5f89d84138fc3d37b09ad61d3fbe680fc466e
3752258f545f1cd6c4be6593f9f64ec4eb2d377b8d7e5ce52a1b908d9dcf1875
38e1a9e4658d70d798d6be91e5271bc0a0eb761608b24b556e11ce18531e1bbc
39457b13b9249a12ddc4a950786592c50037a04f39fe53286437d34c8b59caba
3d313e573148b8aa541b772ed63b36b5b05520fd0ca9e20dce848bb65916c1ce
3db2e3e0ea440fdcfcf411886f7727edd7bad9fc08af01e17d1dd175120cf008
3e3a046ced82c535e241eabb055f167216023555f6e989d2d148f93fae41c585
3fde16febe487398469364de1dad7fa7640a9fb9dfe2c109c616d6df38d91ba6
3fdeab47e75875c664500624f625f981908e092e170f6fc56e104822c6d82708
416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641
42148095370337e7a3fc885f0a3e4520322e0e21bff085456fcedb10373603aa
4289c6d28867186710bae0634f34ae387a75c785504a7011092e04ba518f31a5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47c5e249b77f4d899201515137948aa576e757aface0c78258050ba529136518
482c5ca644f49f87f08ea6ad0e046a21d98ca5009192127e25c3c7342bd81ba1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cccb1cf28ff216e07c484533501c791e75d445a78c51765cab70a7d33b90a0
4af952994baa0cdd0cee4927dbb7f207a7a28f34bd4b748f4cf5ef30c9a6cde4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccef46226379c740762a246657a0771b1899a5e970dba9c8846581c0ad531be
4d64cca2d081e3574a789840fb2d888796a38e8a6cb8c09df541c03a7c2fe627
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50235ec9793a0ef9fa1e16fc5d47fdfd56f199b343586308c7cbec1e9937435a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515afb6755769c7e4508252432a3a20b98320cf03bc511bf059103d06d7ea1d0
51d53492d7322fd92bdeb78693bda92a5810de0906203c9d800f36f3650e7c58
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
5764d6c4c286ff7fe2021eeee223d22d6d681e62d07d3edf8c6a446c5f04e322
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58ac62fab63ae94b6ab9f4c5fecd5074a2c000bbcab8962514a33553a63e5a31
5a2eb5d311d6bb2660277bee125d79e12e0eb9d6e5b8bbd162cd885234b8e949
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5c128e53b1c1c71606909577244c2c1a21a5cc74bc2093cc923e4ac2f35b1df3
5d8fd3f14efb8161ba371fca5e1c668a2f73a94fa589a775568a5c7f373411d7
5eb36e706198384d1cba1c3920e5e0fcf3b76e9a84d5bd270bd1139f5bf608d7
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
662e123f7702f0b4859ddaae12f8f89b38013e8ca6d4fe8c86ada4d73b2f77e7
66e7511656064992603c104af628bbc2dde9b48e02acc219e75cd38a1e4269c5
6dd9c52de77964061f706c1650a89766e99348f63be12b7b6467970bb34ccfbe
6e443204f38067f93ad9709e6b1296e339de8f5af752ea34a839fadf93791cce
6e9edb0ccb86b24c0915460e40c5c45c651139cc323cf68b60b5ae3227e4baf0
6f0ef85989f0672278187889280276665f43bfb9bec28acfca3b329f1389720d
6ff6c41c1b3e156f7f83074f774356106087b7149eb7fa198673d2c50eaa9490
71f59d13d69d502b117d87f28fa286757c478447b06f87d4b02c44361c4a4855
7570438a0529b26bd6717920c1bb18389b0b0daa24f5e58a6f86585cce3eb198
762f2135d7f709ed01ed2a4829ac28b051d6df007aec607df238d60950b03453
767f78008f46acdd51dddcda8996f7ead8c6bc3bb931d752890df17e451dc3d3
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7a392aff832fda02ab5453f9fe8f6a0d243dcfcdd2ab6416271e2c69e1e1f49c
7ac61bbd491ea91981ae5f8c99a162d2cf7f6836e80e2283448ae4c29fdf2420
7b44242b62ec6d2fd82a18e158c43f007596cc54a3b5af6e2f60882f2f423c3d
7bed20d98b7e5a7f90dd7a52439a559903fcaae26215767eb9cfd86fa6de9368
7c6681b3b487f6567969153a0573c07fd0ac75c30e638d9c413b39469045d582
7cf1f4c7ce75e8f14dbfff2966ebbcb4368370aa1bdb047b9ac23640db3a16b4
7e2ed03bbc185372cb541663170321544300747ae296389772dc8f722551eb3c
7e520ff58e2e4280a1adac4f10358f2a28803df7fb7714df1ae1396dd9253048
82c40d20ddd554d6df644a2dbaf3cc57d33583cd380556b4e4636a8370a99989
83087bdaf1ca3313a7226475026cdb99d853b3c1e0d235192122c7baf7938117
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bf95b1170e8103cd8524d40829bdca306fdaa62b8a33b6d156fb80fd251abf
874ca1f813b32def0c6593a8b8bd33c5dee86b0a97d290ea680631cca98577b7
8a215ebe4733750286ea1780bcb0c9500c96aa14ebf1abe588193e76b7763f1e
8b1534cfd26c623f8770751704410b0aec0bf66123bdaa9154feba3802c01865
8ca119bc1f1fc4736ccedf20d3aafcc50aead2109a92e32c89bf74af72a1e057
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3c124520f136bd31f51db7504c41590e86a39c13e8ea479547e2c2cdfeb0db
8eb0885d968635a6e7a706c190c00a8a6f1d88f0b528201eec558e441395d7f8
8fb5d5bd19346c62e4ec0fa000dc5a67c81c6c0eddde7bc4dd7c6efb11e7cdcb
8fda2396e315276e1fc4e8fe3a0a265fdfbfdb0e45f8005d142b78015a76503c
9012780938c6b68f83f65ac3fdf82858d88944d65dded8fb9b3391acbb476d14
904341d95fce95e7520a3a6ecb4d0b337038c2f5d277874a563e0e24fd90e709
9385acd7cebb8c85b4def734c446db3d06c06da9ff0d09f1d46ae010ce2b7b29
940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a
94d904ccdca1d9dacf1a3ca056e17113252f6d1a341e26b115397669dfb77fa6
95198d15e9143f236b500154fb73d618f3aaebcc1a11667c2789a88da0a4f41d
956130a5128980106fbf0a389ac67dc012d91840bbdd52383b953ade75d52c65
95af646b01ee702570f9abad3701e98b1713487822310baba992363f92513e26
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
984b42bc296ab040a37cf8c333f38ba5cbb3d676a8e8029a8426502f7d83fdcd
99abd515a086017d67c94e254d41bf752ec718d90c4dad424cdf6db19aadfac4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e25ba946939ee4a3d6b5acc652b3a3d3c87f0b982d9a35b9fd19f37b3bee4ab
9f0e38142f0b67f679d1eaff046562070e44443234a81c1f313f6d0ff41e6f86
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28911c4d1772a78d6695cedbc8ee91270f45522cf68d01747d771401647b6ee
a2d074f404db6be35db76b540d112b50368171d1732902a10aada039c9ee6123
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4baea0ff7a6b0b8e98747039a503018a774be250e8dc96aa653da2d3b88df7e
a4d78cb3179e31e023c31a61852067f835d4572a361d942db93cc44e9f77d8fe
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a821eac48e731c18eb2ed4bce2c2804add93870078ce7a75b643357e6a98a9fe
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa5f185e7c327bc34525d29785309cdb9ecb8a470be2af0bfbef85d6317feb61
aad4f11790ae41d11a7c7bb613b9f82206f37eb4894966fe15e5f880c5d9b72a
abbd59f9adfee346bc15ba4bf83884ddd51a2faaca24f5b10a27da977c113dc1
adc019b1e318271934b5121cd64b271a3414d1d228fc37903345ee3140c0edc9
adea93e655803478bf05f7426a977897cd2e92f59410d0082f95f2e51a82b343
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c4af40afb1e40563e65b50bf08c21a4b1543fab3050440be96974445edf7dc
b376a0b726739e6332f8211451df9174ece5b98d3b56ee3454a0ced5598d1dd7
b39943b1dfc6d84728212c71ad8d8955c6734037c09660963d23a0ddf2cbd083
b52b462981cc78e389d0dbc4ab48681864af602bf8521a7734a7f05283d26e6d
b66082b1f2d1671e280bd82da4bdd27a857cc0774015d781f1e29ef093ac94f4
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b98008ad770fed8298d565a3ee5da7d233895b23d0a9e13cae7f92c5ac15d7e9
be18e4f5d4b03d521cd77cab0bd078809764b28e93abd36def170df9b9a93411
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
bee87022a9100fad82223a830c766f130393205ab22823c26abf16c8a1023df2
befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4
c04e60055a4ae24aeb5dc2bd0edb02f12f777fc9b745c73e7a33863f65390c9d
c2649fe7038373ff54dad37ec66375566c9c703a00fd790ae8a62a5d14a2c796
c28e3960e5eb7dc2d9f678c56b2f5506bc09695a823f858c0075a4a50ed323a6
c3154e7201e9596f6ffa4eed85f6111037c7dc4b9b005a69d5a0da3fddd98b10
c32a0425a5aaca3e034a857df93ca646b580f3ea8837a83b9b818aaa800a6e74
c58c505aca5b0e7adb2a8c9af7acc3468a2180163443a84ed34f76696d082253
c62a47cec69600ead1bf26de0cb7de0c64486dd08172d2b17135c4af30bacd89
c6cfa708f15c96fd953d28663e8554a043b45480ae650188705a70862d858b7f
c811c1d4d37f09db4679371b49b0c876fa0f66aa47963274b176c824a64ae3ea
ca29fa98b9edf564b5abb0a0f06c7fc1658a5db5ac05759183e34f44a58db9eb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caec87957c05cdbb8e00a40a049cbe56ea700cd6ef053120890cec1501b5ebad
cc2b3d3b7d318b13ef434f16ba8e3721ea7ffc5eaf062a2bb0ce57abd20a0cd5
cfe02651cc3b330b3f3f3753625c6a041d93fd68843c59a635002c1f04a27bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d19014113c6e3bc66cce58926e871c6dededdc36814e53e452c2e4105794deeb
d1aec0f91475a9d3eefd64516c068aff487a6790a76ff4b8ac14a52e7a367ceb
d25f51b5723e8fd55643810e21e8e797fdc1ac3279e6331fa9448b7602e41749
d304d3893c1e5d376a2fea38d0e86d5c7edac3ef85135d3f1e699c474a910b0c
d667eb81ed1272cb8be644bb1277bd4a3b2a38adf5a134e68ada86c5414220f6
d7d2ea8ff2fce035832a62aa177972c5476ea584bb5d862944466aabfc8f4a62
d80e5177d7cc173424caf8c3a5a3d5f260123d61ae92678b1a3e9a6bbf99ada5
dca7bbc648cf414d7f0c1df977fe368d55dbd83c904cf665d03014a131b2b7e8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deea56467e818b9345873eec410a3e53c1be3a1ea2f4f3486a42e8ff64534e6a
df8ec000a7d7d3477574eae45ba67bccca2db06390ae5a5dabc026d43e891248
e08ca95e336aa2064ca626b92a88312bc0085957dc3c51667973c5bba0dde4ef
e091428a3e077a75d1682f66d7249ed7dfa85829b2c5b77b2c4153d9db2e8727
e0c5c27ad304e1d5b111c4c67d9c3aa45d64b35e6d322c2bc4c7462813b1d204
e2620ec1450df117f489787115b7bb59f776aef606e7c745b463f2cfa457d278
e2d3f8696617c48a1f82529015ed2050d19c0a961a7249466dbb16456fe733bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e678f057332a81514ac9719a101737d107488a36cdfa6b612799283695492545
e6cebb9926e8b8717f5439f886d97b0a330be21fc19efc63c4858146d6bacabc
e8001091ddb9fd2dc2e2b0abdff2871a848067c4d573d98a9360ee30709004ac
ea9a79a34edcc8e07ef629cb2185cf0b242f4a33c75011b5a7c9d585dd09e3ba
ecd32eb71a5485583bf1ae1486b871f48bcddbe47c7fd898681a71f215d766f3
ed487d3653a97a046f43fd2607e986c6aabf8ff0863ef5d6ac5415e300909bc7
edce0f5742c946e7271ad95325d3ab2c2ad012adc0a790e52b69c04a37a6a9f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb9cf046162368a8deaa49ecad329158eccb03d6f4caefaecb7e83dac394fda
f2b4bc917d959cf17a7189de367cee58c78178c62401ca3ca95f2db05e51dfb8
f468984b790ea1d07e142f28767f58c6bad90ea469427dfa19bf0deeac8e50fb
f515ed490405435b0c8a7ede74fd2c8e7834ee45c81aa76db3736fe50dc1da87
f5de0a94a29afb8b2ff87bec929e3d7f961c14076a4c1e98623ab4244982faf2
f5e803421e3dba7fbd3768d344caefd4cdcdb08e1d2e3ef3830d7ef879345e79
f6ad42df1345f0e703f461d349913a3cef7e7cbfc51b463224265c09f25b129e
f941d2795ca2cb77b8c28fbfdb69b10bdac6f1cc4fb8bea5352e5c11ca87f4b6
fa1bbe501b149144f7d0195697ed240c0bbfab218313922bd1733fa02d4f3bcd
fb5ad1edb93954ca2bd21e431dc25f7af17c03bc65202ed44bd3a41bd5fd92de
fb9234052ac419d5c2aab3ec5f16365d70ff41096426b821c2b693593a1a559a
fcf8a02102c695c381e74234f4a4bdf158f63d9c405697970f46816e572550bd
feeab718072b4a4d047a582abb7dede4ee9f8ee0b3ba36cfd6828a5afa78c572

www2.kusports.com Open in urlscan Pro 208.91.60.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

399 Requests

69 %HTTPS

33 %IPv6

62 Domains

91 Subdomains

59 IPs

11 Countries

4637 kBTransfer

10543 kBSize

0 Cookies

17 Outgoing links

Redirected requests

399 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.kusports.com Open in urlscan Pro
208.91.60.6 Public Scan

Screenshot
Live screenshot

Full Image

399
Requests

69 %
HTTPS

33 %
IPv6

62
Domains

91
Subdomains

59
IPs

11
Countries

4637 kB
Transfer

10543 kB
Size

0
Cookies

399 HTTP transactions
16 data transactions