Submitted URL: https://e.mail.mlblists.com/click/EZ2xlbm4ucm9iZXJ0c0BjaGVtb3Vycy5jb20/CeyJtaWQiOiIxNjI3Mzg5MzUyMzUxZTU0MmVkMzNkMDZlIiwiY3Qi...
Effective URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=102...
Submission: On July 27 via api from US

Summary

This website contacted 69 IPs in 8 countries across 73 domains to perform 212 HTTP transactions. The main IP is 2a02:26f0:6c00:29b::1767, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlb.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 1st 2021. Valid for: a year.
This is the only time www.mlb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.47.24.171 46263 (EDIALOG)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
43 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 143.204.98.47 16509 (AMAZON-02)
1 10 34.240.223.28 16509 (AMAZON-02)
4 151.101.14.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2.18.235.40 16625 (AKAMAI-AS)
1 143.204.98.67 16509 (AMAZON-02)
1 142.250.186.98 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 33 52.46.130.91 16509 (AMAZON-02)
3 65.9.96.121 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a03:2880:f12... 32934 (FACEBOOK)
1 52.16.73.168 16509 (AMAZON-02)
1 2 13.36.218.177 16509 (AMAZON-02)
1 1 34.255.166.243 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 3.230.55.171 14618 (AMAZON-AES)
1 104.244.42.197 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.252.133.182 16509 (AMAZON-02)
1 34.249.226.229 16509 (AMAZON-02)
1 52.18.150.20 16509 (AMAZON-02)
2 2 3.8.243.222 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 4 65.9.96.36 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.9 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 52.57.10.248 16509 (AMAZON-02)
5 5 18.156.0.31 16509 (AMAZON-02)
3 5 37.252.172.250 29990 (ASN-APPNEX)
1 2 2.18.234.233 16625 (AKAMAI-AS)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
3 4 2.18.234.21 16625 (AKAMAI-AS)
1 208.100.17.177 32748 (STEADFAST)
1 2.18.232.130 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 23.45.99.241 16625 (AKAMAI-AS)
3 3 213.19.147.44 3356 (LEVEL3)
2 2 13.248.242.197 16509 (AMAZON-02)
2 2 18.196.76.242 16509 (AMAZON-02)
2 2 18.158.209.84 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 65.9.99.177 16509 (AMAZON-02)
1 107.22.179.180 14618 (AMAZON-AES)
1 1 34.192.56.19 14618 (AMAZON-AES)
1 1 34.98.67.61 15169 (GOOGLE)
2 2 37.157.5.142 198622 (ADFORM)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 1 52.59.21.149 16509 (AMAZON-02)
1 1 54.205.87.49 14618 (AMAZON-AES)
3 4 142.250.181.226 15169 (GOOGLE)
1 1 3.223.81.219 14618 (AMAZON-AES)
3 99.80.93.68 16509 (AMAZON-02)
2 3 34.98.64.218 15169 (GOOGLE)
2 2 77.243.60.138 42697 (NETIC-AS)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 1 65.9.96.18 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
1 1 66.228.44.10 63949 (LINODE-AP...)
1 1 151.101.14.132 54113 (FASTLY)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 34.195.31.102 14618 (AMAZON-AES)
2 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 34.247.104.176 16509 (AMAZON-02)
4 18.156.195.47 16509 (AMAZON-02)
1 1 2600:1901:0:8... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
2 37.252.167.196 29990 (ASN-APPNEX)
1 23.20.220.17 14618 (AMAZON-AES)
2 2 34.253.111.115 16509 (AMAZON-02)
8 8 151.101.14.49 54113 (FASTLY)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 52.35.149.136 16509 (AMAZON-02)
2 104.17.209.240 13335 (CLOUDFLAR...)
4 35.186.226.184 15169 (GOOGLE)
212 69
Apex Domain
Subdomains
Transfer
52 mlbstatic.com
www.mlbstatic.com
builds.mlbstatic.com
mktg.mlbstatic.com
2 MB
33 amazon-adsystem.com
s.amazon-adsystem.com
24 KB
11 demdex.net
dpm.demdex.net
mlb.demdex.net
14 KB
10 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
c2shb.ssp.yahoo.com
8 KB
9 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
8 adnxs.com
ib.adnxs.com
acdn.adnxs.com
rb.adnxs.com
94 KB
8 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
118 KB
8 krxd.net
cdn.krxd.net
consumer.krxd.net
usermatch.krxd.net
beacon.krxd.net
87 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
466 KB
7 cookielaw.org
cdn.cookielaw.org
169 KB
7 facebook.com
www.facebook.com
657 B
6 google.com
www.google.com
22 KB
6 getpublica.com
sync.getpublica.com
usersync.getpublica.com
7 KB
4 snapchat.com
tr.snapchat.com
305 B
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
1 KB
4 advertising.com
pixel.advertising.com
1 KB
4 twitter.com
analytics.twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
4 scorecardresearch.com
sb.scorecardresearch.com
ads.scorecardresearch.com
2 KB
4 facebook.net
connect.facebook.net
247 KB
4 moatads.com
z.moatads.com
mb.moatads.com
geo.moatads.com
px.moatads.com
75 KB
4 bam-forms.com
cdn.bam-forms.com
519 KB
3 openx.net
us-u.openx.net
792 B
3 boomtrain.com
cdn.boomtrain.com
people.api.boomtrain.com
events.api.boomtrain.com
25 KB
3 sc-static.net
sc-static.net
23 KB
3 bing.com
bat.bing.com
9 KB
3 mlb.com
www.mlb.com
ans.mlb.com
74 KB
2 qualtrics.com
znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com
siteintercept.qualtrics.com
19 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 tapad.com
pixel.tapad.com
930 B
2 rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 serving-sys.com
bs.serving-sys.com
lm.serving-sys.com
779 B
2 adform.net
c1.adform.net
996 B
2 myvisualiq.net
t.myvisualiq.net
1 KB
2 bidswitch.net
x.bidswitch.net
886 B
2 adsrvr.org
match.adsrvr.org
913 B
2 1rx.io
sync.1rx.io
1 KB
2 bluekai.com
tags.bluekai.com
2 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 onetrust.com
geolocation.onetrust.com
572 B
2 rlcdn.com
idsync.rlcdn.com
802 B
2 agkn.com
aa.agkn.com
667 B
2 google.de
www.google.de
171 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 googletagmanager.com
www.googletagmanager.com
124 KB
1 ad.gt
ids.ad.gt
75 B
1 pro-market.net
fei.pro-market.net
323 B
1 ml314.com
ml314.com
474 B
1 taboola.com
sync.taboola.com
328 B
1 ispot.tv
pi.ispot.tv
343 B
1 ninthdecimal.com
lciapi.ninthdecimal.com
612 B
1 exelator.com
loadus.exelator.com
324 B
1 placed.com
pixel.placed.com
567 B
1 mookie1.com
odr.mookie1.com
602 B
1 samba.tv
ads.samba.tv
292 B
1 samplicio.us
usersync.samplicio.us
263 B
1 imdb.com
www.imdb.com
887 B
1 zeotap.com
spl.zeotap.com
731 B
1 tremorhub.com
amazon.partners.tremorhub.com
183 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
484 B
1 googletagservices.com
www.googletagservices.com
24 KB
1 33across.com
dp2.33across.com
70 B
1 omtrdc.net
mlbadvancedmedialp.tt.omtrdc.net
511 B
1 t.co
t.co
454 B
1 quantcount.com
rules.quantcount.com
2 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 unpkg.com
unpkg.com
2 KB
1 mlblists.com
e.mail.mlblists.com
509 B
0 survata.com Failed
px.surveywall-api.survata.com Failed
212 73
Domain Requested by
43 www.mlbstatic.com www.mlb.com
builds.mlbstatic.com
33 s.amazon-adsystem.com 1 redirects www.mlb.com
s.amazon-adsystem.com
10 dpm.demdex.net 1 redirects www.mlbstatic.com
www.mlb.com
8 sync-tm.everesttech.net 8 redirects
7 cdn.cookielaw.org www.mlb.com
cdn.cookielaw.org
7 www.facebook.com www.mlb.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com www.mlb.com
cdn.bam-forms.com
www.gstatic.com
5 ib.adnxs.com 3 redirects acdn.adnxs.com
www.mlb.com
5 ups.analytics.yahoo.com 5 redirects
5 usersync.getpublica.com sync.getpublica.com
usersync.getpublica.com
5 builds.mlbstatic.com www.mlb.com
builds.mlbstatic.com
4 tr.snapchat.com
4 c2shb.ssp.yahoo.com acdn.adnxs.com
4 cm.g.doubleclick.net 3 redirects www.mlb.com
4 sync.search.spotxchange.com 3 redirects www.mlb.com
4 pixel.advertising.com 4 redirects
4 mktg.mlbstatic.com cdn.bam-forms.com
4 connect.facebook.net www.mlb.com
connect.facebook.net
4 cdn.bam-forms.com www.mlb.com
cdn.bam-forms.com
3 us-u.openx.net 2 redirects www.mlb.com
3 beacon.krxd.net s.amazon-adsystem.com
cdn.krxd.net
3 ssum-sec.casalemedia.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 sb.scorecardresearch.com 2 redirects www.mlb.com
3 sc-static.net www.mlb.com
sc-static.net
3 bat.bing.com www.mlb.com
bat.bing.com
3 cdn.krxd.net www.mlb.com
cdn.krxd.net
2 sync.crwdcntrl.net 2 redirects
2 rb.adnxs.com acdn.adnxs.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 pixel.tapad.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 c1.adform.net 2 redirects
2 t.myvisualiq.net 2 redirects
2 x.bidswitch.net 2 redirects
2 match.adsrvr.org 2 redirects
2 sync.1rx.io 2 redirects
2 tags.bluekai.com 2 redirects
2 platform.twitter.com builds.mlbstatic.com
platform.twitter.com
2 ads.stickyadstv.com 1 redirects usersync.getpublica.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 idsync.rlcdn.com 2 redirects
2 aa.agkn.com 2 redirects
2 ans.mlb.com 1 redirects www.mlbstatic.com
2 www.google.de www.mlb.com
2 www.google-analytics.com www.googletagmanager.com
www.mlb.com
2 www.googletagmanager.com www.mlb.com
1 siteintercept.qualtrics.com znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com
1 znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com www.mlb.com
1 ids.ad.gt www.mlb.com
1 image2.pubmatic.com www.mlb.com
1 dsum-sec.casalemedia.com www.mlb.com
1 pixel.rubiconproject.com www.mlb.com
1 events.api.boomtrain.com cdn.boomtrain.com
1 ads.scorecardresearch.com 1 redirects
1 syndication.twitter.com platform.twitter.com
1 fei.pro-market.net 1 redirects
1 ml314.com 1 redirects
1 fonts.gstatic.com www.google.com
1 people.api.boomtrain.com cdn.boomtrain.com
1 sync.taboola.com 1 redirects
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 loadus.exelator.com s.amazon-adsystem.com
1 pixel.placed.com 1 redirects
1 token.rubiconproject.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 lm.serving-sys.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 odr.mookie1.com 1 redirects
1 ads.samba.tv 1 redirects
1 usersync.samplicio.us s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 spl.zeotap.com s.amazon-adsystem.com
1 cms.analytics.yahoo.com 1 redirects
1 amazon.partners.tremorhub.com s.amazon-adsystem.com
1 sync.targeting.unrulymedia.com 1 redirects
1 www.googletagservices.com builds.mlbstatic.com
1 acdn.adnxs.com builds.mlbstatic.com
1 dp2.33across.com www.mlb.com
1 cdn.boomtrain.com www.mlb.com
1 analytics.twitter.com static.ads-twitter.com
1 consumer.krxd.net cdn.krxd.net
1 mlbadvancedmedialp.tt.omtrdc.net www.mlbstatic.com
1 px.moatads.com www.mlb.com
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 t.co www.mlb.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 pixel.quantserve.com www.mlb.com
1 cm.everesttech.net 1 redirects
1 mlb.demdex.net www.mlbstatic.com
1 rules.quantcount.com secure.quantserve.com
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com www.mlb.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 sync.getpublica.com www.googletagmanager.com
1 z.moatads.com www.mlb.com
1 unpkg.com www.mlb.com
1 www.mlb.com
1 e.mail.mlblists.com 1 redirects
0 px.surveywall-api.survata.com Failed s.amazon-adsystem.com
212 104
Subject Issuer Validity Valid
*.mlb.com
DigiCert SHA2 Secure Server CA
2021-03-01 -
2022-03-02
a year crt.sh
*.mlbstatic.com
DigiCert SHA2 Secure Server CA
2020-10-07 -
2021-11-08
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.bam-forms.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-15 -
2022-04-07
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2021-02-08 -
2022-02-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-02 -
2022-07-01
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-01-21 -
2022-01-25
a year crt.sh
*.getpublica.com
Amazon
2021-07-01 -
2022-07-30
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2020-08-14 -
2021-08-19
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2021-04-12 -
2021-10-12
6 months crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1
2021-02-11 -
2022-02-15
a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-05 -
2021-09-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
www.google.de
GTS CA 1C3
2021-07-05 -
2021-09-27
3 months crt.sh
ans.mlb.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-05 -
2021-09-27
3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-25 -
2022-06-25
a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA
2020-11-02 -
2021-11-09
a year crt.sh
consumer.krxd.net
DigiCert SHA2 Secure Server CA
2020-09-14 -
2021-09-14
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2021-06-01 -
2022-05-31
a year crt.sh
cdn.boomtrain.com
Amazon
2021-03-16 -
2022-04-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-05 -
2021-09-27
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2021-02-12 -
2022-02-11
a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-11-17
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2021-09-30
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.tremorhub.com
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
*.samplicio.us
Amazon
2021-04-17 -
2022-05-16
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-01-13 -
2022-01-07
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh
*.api.boomtrain.com
Amazon
2020-12-16 -
2022-01-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-18 -
2021-09-08
6 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
*.ad.gt
Amazon
2021-06-09 -
2022-07-08
a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA
2020-10-26 -
2021-11-26
a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-19 -
2022-01-23
a year crt.sh

This page contains 12 frames:

Primary Page: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Frame ID: 36AA90E52D0B7970B1C6EAB5C0BFF645
Requests: 137 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Frame ID: 774978E76671DA8D020414C34E64D63E
Requests: 1 HTTP requests in this frame

Frame: https://mlb.demdex.net/dest5.html?d_nsid=0
Frame ID: 5753609ABB8EAA64E89F72086847CE33
Requests: 18 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Frame ID: 6150C34742D21A9EEE5D8BAB8E85568C
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Frame ID: DAEA761F2525C929C0B64D11D78DEF41
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
Frame ID: FC2D91413A8F18D8D21E150CC8CD1E76
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.mlb.com
Frame ID: E1BCB8D745F11E0AF12F08759B84DB9C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&cb=l4i1am4z241o
Frame ID: 249D5D342264D6F1B4C2331A09C1F5B3
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=0a93d42e-7f1c-48b3-9a24-1f54aa8952d8
Frame ID: 687D6242F6B53A1A7AF4C21C307D5621
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: D545829F6D04E2984BA0F028774F9B1E
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 3849BB2F4AF18101175CDB5C0BCBF0A2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 496B4A8B20EE10D98A7B9B00BA3DCDFB
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://e.mail.mlblists.com/click/EZ2xlbm4ucm9iZXJ0c0BjaGVtb3Vycy5jb20/CeyJtaWQiOiIxNjI3Mzg5MzUyMzUxZTU0... HTTP 302
    https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-44... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /adnxs\.(?:net|com)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /adnxs\.com\/[^"]*(?:prebid|\/pb\.js)/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

212
Requests

100 %
HTTPS

29 %
IPv6

73
Domains

104
Subdomains

69
IPs

8
Countries

4046 kB
Transfer

12515 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.mail.mlblists.com/click/EZ2xlbm4ucm9iZXJ0c0BjaGVtb3Vycy5jb20/CeyJtaWQiOiIxNjI3Mzg5MzUyMzUxZTU0MmVkMzNkMDZlIiwiY3QiOiJtbGItN2M3MDhkZmE5NTk2OGE5OTdmODZhNWRiZjEwOGFmYTktMSIsInJkIjoiY2hlbW91cnMuY29tIn0/HWkhfTUxCTF9OTkJBTTA3MjcyMDIxNDQzNzIzMSxtbDIsaHR0cHM6Ly93d3cubWxiLmNvbS9mb3Jtcy9tbGItYXQtZmllbGQtb2YtZHJlYW1zLWV4cGVyaWVuY2Utc3dlZXBzdGFrZXM/qP3BhcnRuZXJJZD16aC0yMDIxMDcyNy00NDM3MjItbWxiLTEtQSZxaWQ9MTAyNiZ1dG1faWQ9emgtMjAyMTA3MjctNDQzNzIyLW1sYi0xLUEmYnRfZWU9dDlqUDJOSXVBNFZLOWhDNTgxWnVCaHZibWtUVlJIQ1dDVnVWZUJTZGxIOG5sWDlMdXlHRW9ZYlVOR0RiM1JsQSZidF90cz0xNjI3Mzg5MzUyMzUy/sc6039b6262 HTTP 302
    https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Request Chain 72
  • https://cm.everesttech.net/cm/dd?d_uuid=18148237789413544872938087795499804871 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQBISAAAAKsw5hHl
Request Chain 84
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=18148237789413544872938087795499804871 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=164910903860000449005
Request Chain 87
  • https://ans.mlb.com/b/ss/mlbglobal08,mlbcom08/10/JS-2.7.0/s56167722756262?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=27%2F6%2F2021%2019%3A54%3A17%202%20-120&d.&nsid=0&jsonv=1&.d&sdid=58CA8A7079D5E74A-17B48DD23B14EA0F&mid=18250880675735486232935678700526563199&aamlh=6&ce=UTF-8&ns=mlb&pageName=Major%20League%20Baseball%3A%20Forms%3A%20GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes&g=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&c.&getQueryParam=4.0&getPercentPageViewed=5.0.1&.c&cc=USD&ch=Forms&v0=zh-20210727-443722-mlb-1-A&events=event58%2Cevent4&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h2=zh-20210727-443722-mlb-1-A&c5=Desktop&c6=Landscape&c7=Desktop%3A%20Landscape&v33=zh-20210727-443722-mlb-1-A&v34=Desktop&c35=7%2F27%2F2021%2013%3A54%3A17&v35=Landscape&v36=Desktop%3A%20Landscape&c38=12%3A54%20PM%7CTuesday&c39=Not%20Logged%20In&v39=Not%20Logged%20In&c48=New&v55=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&v56=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&v63=web&c64=D%3Ds_vi&v64=D%3Ds_vi&c67=First%20Visit&c68=oqfhPhr8pvCsyuWp1X8ZgCnb3mSTt8Ch&c71=en&v73=mlbglobal08%2Cmlbcom08&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&AQE=1 HTTP 302
  • https://sb.scorecardresearch.com/r?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352 HTTP 302
  • https://sb.scorecardresearch.com/r2?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352
Request Chain 98
  • https://idsync.rlcdn.com/365868.gif?partner_uid=18148237789413544872938087795499804871 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTgxNDgyMzc3ODk0MTM1NDQ4NzI5MzgwODc3OTU0OTk4MDQ4NzEQABoNCMmQgYgGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=885c49b9d1570ae989bf849e61b32438a8930f300158a6d05be6f2de572dd047b0da87c991749652
Request Chain 109
  • https://pixel.advertising.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent= HTTP 302
  • https://pixel.advertising.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328&verify=true HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=verizon&VerizonID=y-PcTB1tFE2uLqFz4SqGGEOxulohLKZRHn~A~UPa9b258a8-ef03-11eb-b64b-0288ce60e328
Request Chain 110
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=$UID&gdpr=&us_privacy=&consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dappnexus%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26appnexusID%3D%24UID%26gdpr%3D%26us_privacy%3D%26consent%3D HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=133935750687525088&gdpr=&us_privacy=&consent=
Request Chain 112
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26PubmaticID%3D%23PM_USER_ID&gdpr=&us_privacy=&consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26PubmaticID%3D%23PM_USER_ID&gdpr=&us_privacy=&consent=&rdf=1 HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=pubmatic&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&PubmaticID=88948515-A201-4C81-9ED1-2B0A62DB659F
Request Chain 113
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190692&cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26IndexID%3D&gdpr=&us_privacy=&consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26IndexID%3D&consent=&gdpr=&s=190692&us_privacy=&C=1 HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=index&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&IndexID=YQBISSfrJIledqzVo_VFmgAABF8AAAIB
Request Chain 123
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=PFIYwQ9999YChyOC
Request Chain 124
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=164910903860000449005&ex=neustar.biz
Request Chain 125
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3849594441 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3849594441 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ab92c5b4-106d-465b-893e-fd7d3d423ee9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003%26ex%3Drhythmone.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003&ex=rhythmone.com
Request Chain 126
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bfa1c527fdf5a74775ea2dfa6e6b8061
Request Chain 127
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=2trkwy9999YChyOC
Request Chain 128
  • https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=83be8f6b45edf5d176cc719a0f2b1281f3b57ef0&ex=aoldisplay.com
Request Chain 129
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=72235ab3-cb67-4670-b1a2-286d6dad94b8
Request Chain 131
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=y-_MMLJCNE2pFfaPNix4FXVbfwYTAJe.YABR0x~A&status=NOT_FOUND&ex=gemini
Request Chain 133
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=f6f23daf5b86a26e9d9038b31948a442&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 134
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 136
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=de780387192a8a2a
Request Chain 137
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=O2DAN69HRieNh1RAxQxAZA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=18148237789413544872938087795499804871
Request Chain 138
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=0NgxfNMqTTe29-uuVf_wrw HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818631467970404128&gdpr=&gdpr_consent=
Request Chain 140
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1210752641584620010
Request Chain 141
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=aad79ef7-ef03-11eb-85b5-14684a3a0206 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aad79ec3-ef03-11eb-85b5-14684a3a0206
Request Chain 142
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22d44cdbde-93d3-4988-b95f-203d3eef2dce%22,%22Time%22:%2220210727T135419.223930%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d44cdbde-93d3-4988-b95f-203d3eef2dce
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK56btv4yQRd3CyDbtiO98w&google_cver=1
Request Chain 144
  • https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Request Chain 145
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f36689bd613c0bfe61a527945698834e
Request Chain 146
  • https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d4976ca4-d0d8-c5a9-3f70-2ab61e63e9de
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KFJ_eXffbvEuJO_h2pArrzc4dDg4ZgIC
Request Chain 148
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D3E9EFA9F5B5F3E6
Request Chain 149
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=133935750687525088&ex=appnexus.com
Request Chain 150
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=yoIvYBbjUt5CQyEFYu5PRA&ex=rubiconproject.com&status=ok
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=gXbyBs2LSuGAG0sVjcJe-g& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 152
  • https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-4ec912f0-1e76-405f-96fa-582b70201244&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-4ec912f0-1e76-405f-96fa-582b70201244 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-4ec912f0-1e76-405f-96fa-582b70201244&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-4ec912f0-1e76-405f-96fa-582b70201244 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4ec912f0-1e76-405f-96fa-582b70201244
Request Chain 154
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=0A2CE4424B480061354A18510238EBA5
Request Chain 155
  • https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-0itPFvN1l2Or_j1Qsxmui_bye3c6sJc-
Request Chain 156
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8093fb283813a227510f8965a3e89d7a406e287ab4e10d7b108d0a612988de7b
Request Chain 157
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=88948515-A201-4C81-9ED1-2B0A62DB659F
Request Chain 158
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=bcf90b6c-bb5b-4960-adc6-5935764dbf8d-tuct7f9cdcc
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTgxNDgyMzc3ODk0MTM1NDQ4NzI5MzgwODc3OTU0OTk4MDQ4NzE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFMB4QRo83gnRPKW8UKPfjA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 173
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3620453972572635289
Request Chain 185
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=18148237789413544872938087795499804871 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2991424729288521752
Request Chain 189
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=18148237789413544872938087795499804871&rn=1627408456640&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D18148237789413544872938087795499804871 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18148237789413544872938087795499804871
Request Chain 192
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=18148237789413544872938087795499804871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=18148237789413544872938087795499804871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4cd693a1c1cbc661bfdd647eaa535168
Request Chain 193
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFCSVNBQUFBS3N3NWhIbA==
Request Chain 194
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQBISAAAAKsw5hHl&expires=90
Request Chain 195
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQBISAAAAKsw5hHl
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YQBISAAAAKsw5hHl
Request Chain 198
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQBISAAAAKsw5hHl
Request Chain 199
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQBISAAAAKsw5hHl
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1&__user_check__=1&sync_id=aaddd740-ef03-11eb-b037-129210fe0106
Request Chain 201
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQBISAAAAKsw5hHl&t=2592000&o=0

212 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set mlb-at-field-of-dreams-experience-sweepstakes
www.mlb.com/forms/
Redirect Chain
  • https://e.mail.mlblists.com/click/EZ2xlbm4ucm9iZXJ0c0BjaGVtb3Vycy5jb20/CeyJtaWQiOiIxNjI3Mzg5MzUyMzUxZTU0MmVkMzNkMDZlIiwiY3QiOiJtbGItN2M3MDhkZmE5NTk2OGE5OTdmODZhNWRiZjEwOGFmYTktMSIsInJkIjoiY2hlbW91c...
  • https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBS...
324 KB
73 KB
Document
General
Full URL
https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:29b::1767 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare /
Resource Hash
abbe522da85ed66be714773f2945689b595886ca61ff6795b0859bc20b5e61ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.mlb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
CF-Cache-Status
MISS
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6757bb617f8c2b29-FRA
Content-Encoding
gzip
Cache-Control
public, max-age=180
Date
Tue, 27 Jul 2021 17:54:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive Transfer-Encoding
Vary
Accept-Encoding
Set-Cookie
__cflb=02DiuGHoWUaFv3yrwjZG6cqsB4C1ZzbWAoVpFXB7r3EaQ; SameSite=None; Secure; path=/; expires=Wed, 28-Jul-21 16:54:16 GMT; HttpOnly

Redirect headers

Date
Tue, 27 Jul 2021 17:54:15 GMT
Server
Apache
X-Powered-By
PHP/7.3.28
Location
https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=60
proxima-nova-bold.woff2
www.mlbstatic.com/mlb.com/fonts/
87 KB
87 KB
Font
General
Full URL
https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold.woff2
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb9dc30a30ff8cf520ee500709a6b8a5462ea5763d24ad96755f46c81d0853b

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
cf-cache-status
HIT
age
387682
x-guploader-uploadid
ABg5-Uz4phWu1wFpLivX2anxtlFnOxfyZM7Y7GuUlaQZbW8E4pCqH96NDJiNDHAm-26IldrK1MCPJgSNx6QlqhpAxg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
font/woff2
content-length
88748
last-modified
Tue, 24 Mar 2020 21:03:32 GMT
server
cloudflare
etag
"d3be99189455da3b114bf5a130b00e40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VAaavA==, md5=076ZGJRV2jsRS/WhMLAOQA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1585083812634793
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
88748
accept-ranges
bytes
cf-ray
6757bb645ae34a91-FRA
expires
Mon, 23 May 2022 17:47:44 GMT
proxima-nova-regular.woff2
www.mlbstatic.com/mlb.com/fonts/
85 KB
86 KB
Font
General
Full URL
https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular.woff2
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5704f066511df22ddf7ae3e75d8134bd1a672f29db2171b14da43a6f6acb4b

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
cf-cache-status
HIT
age
8256947
x-guploader-uploadid
ABg5-UxjI3Vou-NghAgkNDBQkVLJz1ZxJY5lLRY64W74vFxJ59TMwWYTBaDt5HowSI5hstk902Vc1OHX_SLxZQ3e2hhNGLgDhA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
font/woff2
content-length
87288
last-modified
Tue, 24 Mar 2020 21:03:33 GMT
server
cloudflare
etag
"fe7a7517200f018db19dd601784e036a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=mWeKTw==, md5=/np1FyAPAY2xndYBeE4Dag==
content-language
en
access-control-allow-origin
*
x-goog-generation
1585083813306306
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
87288
accept-ranges
bytes
cf-ray
6757bb645ae64a91-FRA
expires
Wed, 03 Nov 2021 08:34:44 GMT
mlb-okta.js
www.mlbstatic.com/mlb.com/vendor/mlb-okta/
91 KB
28 KB
Script
General
Full URL
https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efe70a51d341e65a49a9441d1eb3cb47213907f07607952fa0ecdfc34563e22

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
228
x-guploader-uploadid
ABg5-UynemdJF3kDj2ksz8uOgacHNR9N1SI-3Jo1mSfjlcb8r6cSuCZXI81XTSDnBdcygctXlw2lFGT4n-fgBQfm_O2DWYLG_w
x-goog-storage-class
REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
application/javascript
x-goog-meta-
last-modified
Fri, 17 Jul 2020 14:03:18 GMT
server
cloudflare
etag
W/"3ce1180ece0435d41ab31562f298de7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=m0aTlw==, md5=POEYDs4ENdQasxVi8pjefQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1594994598221121
access-control-expose-headers
*
cache-control
max-age=600
x-goog-stored-content-length
93148
cf-ray
6757bb645e2d3140-FRA
expires
Tue, 27 Jul 2021 17:51:35 GMT
VisitorAPI.js
www.mlbstatic.com/mlb.com/adobe-analytics/
45 KB
15 KB
Script
General
Full URL
https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f187b8c3553c8e1a3925d8e96e0f2ec42475a20a1a2035235bf908a3172f6231

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1616435668
age
19673
x-guploader-uploadid
ABg5-UyTbu0f1UXfFnhAm0beyvdLS62w2WwAfKPYYT1qyA6Eei5Tl8tvFyWbPECe8Aowi1nxGOe66iTLKoFmHhLdgyG8b3rNCQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 22 Mar 2021 17:54:38 GMT
server
cloudflare
etag
W/"3373ca490434b863333469f1a3244bd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=LUR0Mw==, md5=M3PKSQQ0uGMzNGnxoyRL0Q==
x-goog-generation
1616435678974967
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600
x-goog-stored-content-length
45793
cf-ray
6757bb645e2f3140-FRA
expires
Tue, 27 Jul 2021 16:00:27 GMT
at.js
www.mlbstatic.com/mlb.com/adobe-analytics/target/2.3.0/
91 KB
31 KB
Script
General
Full URL
https://www.mlbstatic.com/mlb.com/adobe-analytics/target/2.3.0/at.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35df4c6ac87e45f7f62b765e4a84f3d53e2c735e077a273b5b57c09d0961069

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1616435668
age
19612
x-guploader-uploadid
ABg5-Ux1ujR_oz7Apo06RLKt0y-4sSdAPJ77oxKLv9sUut15YLY9wsSiu0yGu9jWkR1i8fN-qslSCZcbMCKIJPAB2LUcjOMADQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 22 Mar 2021 17:54:39 GMT
server
cloudflare
etag
W/"52228c7ba06c4a3474d66ab62c66e225"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=G6sJDw==, md5=UiKMe6BsSjR01mq2LGbiJQ==
x-goog-generation
1616435679230975
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600
x-goog-stored-content-length
93684
cf-ray
6757bb645e2e3140-FRA
expires
Tue, 27 Jul 2021 16:04:32 GMT
mlb-global-properties-mlb-background-skins-mlb-base-palette.css
www.mlbstatic.com/style/en/
21 KB
3 KB
Stylesheet
General
Full URL
https://www.mlbstatic.com/style/en/mlb-global-properties-mlb-background-skins-mlb-base-palette.css
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25541e3ad240d95792adb5423bc8b6a0e7fe6496b633acfaef57b78a9a6851cc

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4
x-guploader-uploadid
ABg5-Uz1VYN-TSHyaSP5dERQoh42hPvfSkj5JFZwWoK-zKR6AqXVRkDubGcdUiwe45Iunfsjbia-jRXso45vgxW_Dg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css
content-length
2940
last-modified
Tue, 22 Jun 2021 03:13:50 GMT
server
cloudflare
etag
"97b3acb0626f60c1d724c6b44aed3866"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ur3QjA==, md5=l7OssGJvYMHXJMa0Su04Zg==
x-goog-generation
1618533788785355
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=60
x-goog-stored-content-length
2940
accept-ranges
bytes
cf-ray
6757bb645e2c3140-FRA
expires
Tue, 27 Jul 2021 17:54:43 GMT
site.css
builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/styles/
828 KB
93 KB
Stylesheet
General
Full URL
https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/styles/site.css
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c5535aaaddf350b2bf540730e31e6cff715e9ff34f35690a9658d51ab1d3c9

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10867
x-guploader-uploadid
ADPycdsx9ocgGhv1OdPDjD1ItMLnwFyxr8sUMVqZSJXW1qDu24IzAtw6fIyDYXzQuRsVL4izW9MDFBu-O4qHuuOXJes
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css; charset=utf-8
content-length
94871
last-modified
Sun, 18 Jul 2021 20:33:08 GMT
server
cloudflare
etag
"49233c1b7921561af6a156a2239f4dda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Wj5m+w==, md5=SSM8G3khVhr2oVaiI59N2g==
x-goog-generation
1626640388430911
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
94871
accept-ranges
bytes
cf-ray
6757bb64695f431b-FRA
expires
Tue, 27 Jul 2021 20:18:38 GMT
main.css
builds.mlbstatic.com/mlb.com/sections/forms/builds/dfdb682d05a2f27c91a16552487eb5bf7597d5cf_1586807239/styles/
153 B
442 B
Stylesheet
General
Full URL
https://builds.mlbstatic.com/mlb.com/sections/forms/builds/dfdb682d05a2f27c91a16552487eb5bf7597d5cf_1586807239/styles/main.css
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dddc7c5f2eb0f29016b2a91edd06bc9a9472d9cfc642ef45b91ddb5a6d31175

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
68934
x-guploader-uploadid
ABg5-UynN1S4i40kT2ZSRHAq0Zs1zUUp-mSxB75Dmuveg1yszZIkbw6emPRwnyMcXdwo0AtA-9cCVWK_JXI9r1FFuJI
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css; charset=utf-8
content-length
156
last-modified
Mon, 13 Apr 2020 19:49:36 GMT
server
cloudflare
etag
"159a42038478b5fdb9e08acd14358a33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=JcSJGw==, md5=FZpCA4R4tf254IrNFDWKMw==
x-goog-generation
1586807376747239
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
156
accept-ranges
bytes
cf-ray
6757bb646963431b-FRA
expires
Tue, 27 Jul 2021 18:14:56 GMT
gtm.js
www.googletagmanager.com/
278 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGJ9RZ
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffa7754e3ab4ea1c25a90b182d7679d87ded37d05a621e7e05651d6b19e95d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78920
x-xss-protection
0
expires
Tue, 27 Jul 2021 17:54:16 GMT
gtm.js
www.googletagmanager.com/
138 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MD6MQQP
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1b630c58df61e680d0d972426876e699fe7bd62213e8fbfe0eff11e98885884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47971
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Jul 2021 17:54:16 GMT
1.svg
www.mlbstatic.com/team-logos/league-on-dark/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/league-on-dark/1.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb13f1aee1ec1c3a28109dab9170d63b7a100be7cf16cd0e2335a0488886306

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116515
x-guploader-uploadid
ADPycduo4pzVlSXVqjKQ0i6FNREp0IFgow4Kxn13D5SwxqYbBS2xedbuf4-36PGsPtU63LYMmiAZwwIB4jvpewJGlairmtd7aw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:21 GMT
server
cloudflare
etag
W/"636ec413377f09da989ee837ec64b7f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3x3H0Q==, md5=Y27EEzd/CdqYnug37GS39A==
x-goog-generation
1625081961443367
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1373
cf-ray
6757bb64ef763140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
110.svg
www.mlbstatic.com/team-logos/
9 KB
4 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/110.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6476d34cd2e98e792cb73ef06e99b2c243089b3a7e102465db427ec3d26535

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
387488
x-guploader-uploadid
ADPycdskvvKqPA5TBOXh9CiqXqMFDWhSPMUKd2rnGTl-cra-b1cZld2WMhhC8VH5W8_CqtTt4MzDyJZlYlIHFzycjMk
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"ad9804cb332840199a24054db8c72758"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6L8Pgg==, md5=rZgEyzMoQBmaJAVNuMcnWA==
x-goog-generation
1625081944540919
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
8913
cf-ray
6757bb64ef783140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
111.svg
www.mlbstatic.com/team-logos/
5 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/111.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53eb07384a14fcc54efb807581672b793c75cc1bfdc0c6610345051820cd92af

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdubJ9wBv8Y-oV-UlSCY3yqub7Q3aFFd8ETbsa6XvkuLPehJHvpQgwCEzafvGOTBemeiRBV11G0gzCeCFQE4QZpgpId-HA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:06 GMT
server
cloudflare
etag
W/"9c0d6016223f71c94726aeed14f6a901"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lZ06QQ==, md5=nA1gFiI/cclHJq7tFPapAQ==
x-goog-generation
1625081946776322
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
5328
cf-ray
6757bb64ef793140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
147.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/147.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9041069f46b033c0ecaa1472fd5a12da22f1f5af53fd8a686687540d5586fdd

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116504
x-guploader-uploadid
ADPycdtwE4cYp1CgAOKQs4uRJ_UjBGEWFe1vVNKIHCMZIa58tOcbfFl5OLAtkNGVS1OXf2WYlIbEhTv9GpXw16opom8
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"48d37a66cc16504600ed822674de56d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ED7Gvw==, md5=SNN6ZswWUEYA7YImdN5W0w==
x-goog-generation
1625081944362042
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1506
cf-ray
6757bb64ef7b3140-FRA
expires
Wed, 28 Jul 2021 19:45:41 GMT
139.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/139.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50fd02140a8fe66e57eb5c421fc6847a52abfbc7469bc3099a49d1e09ff77fc

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ABg5-Uxpyari-7TBnWjprmUZF00_i22IG_qPlavYdp6p3mHDKVhdgmUMlqlFJG7N8BHK3qWfAWFY7V7n5dwDOcLnRwA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"4d6416124eeb9227e3f5d52cc8b61021"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0DyvJw==, md5=TWQWEk7rkifj9dUsyLYQIQ==
x-goog-generation
1625081943849223
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2639
cf-ray
6757bb64ef7d3140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
141.svg
www.mlbstatic.com/team-logos/
6 KB
3 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/141.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1920a269c4dce0f8f38d338c4a47380144922a7d84f92ad4609188cac0f4d8e3

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycduuKcv35DUE--GJ0q6RupfMLvaqSBl6Gm8B0-DMmCYjc0_4NFUqobIVyQfXnPI4OLCHn-SEkrwIV2h_CY6tYxM
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"a942d6a35b836dd3f3822a7a819a9417"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=WubJPw==, md5=qULWo1uDbdPzgip6gZqUFw==
x-goog-generation
1625081943990893
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
6124
cf-ray
6757bb64ef7f3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
145.svg
www.mlbstatic.com/team-logos/
9 KB
4 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/145.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1ee0dc0e5a0f848703d0081ba60a12d44b0364da5c3b146985b6fe33f2e994

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdtAJ4KL0aKwZcsXGSR5LvGJxl7WqxSFPolOtfnGqFu6G8eWRsYNZzgjzAXYCPh-wEaSHqKVe0KZYshnNH_Tows
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"33717e2d0e72525e99173fcd34edb446"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=e3MeBA==, md5=M3F+LQ5yUl6ZFz/NNO20Rg==
x-goog-generation
1625081944308329
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
8869
cf-ray
6757bb64ef813140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
114.svg
www.mlbstatic.com/team-logos/
558 B
591 B
Image
General
Full URL
https://www.mlbstatic.com/team-logos/114.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec61ebbfacad3db9eadb3406dd797c39a29a0d96a4375cb43f9c7c4ef46f78a7

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdt_OpP-oMsOGXZUeoT11bfCzjWZKhpHC95SM2E20SASnyRU9zy8mtGii_nz-Op1s_e77VEcgbJ8mpJtHqjrJMj2R-ggTg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:06 GMT
server
cloudflare
etag
W/"c65abc70867687c014e9100c51f82fd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=G30q4A==, md5=xlq8cIZ2h8AU6RAMUfgv0A==
x-goog-generation
1625081946420252
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
558
cf-ray
6757bb64ef833140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
116.svg
www.mlbstatic.com/team-logos/
2 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/116.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90602ddfa5130edf47241fcde4152d7c7421b881af67ed3d66d0b5d700446c39

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1624482687
age
1116475
x-guploader-uploadid
ADPycdsswXYQLgRZ16QXRK1dqGIyDj5QPZDW3eri_Ghivylr0gxHD1oeh7d0clTkf7DanufqII86m_WlwljFTt7KDwg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"ee8cc47f5284c2243b62a9010f065b9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=msQHIg==, md5=7ozEf1KEwiQ7YqkBDwZbng==
x-goog-generation
1624482957789862
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=1209600
x-goog-stored-content-length
1961
cf-ray
6757bb64ef853140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
118.svg
www.mlbstatic.com/team-logos/
1 KB
1022 B
Image
General
Full URL
https://www.mlbstatic.com/team-logos/118.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55678f28a752ec5ac86e290b2481b8a5e3d7de7460a3f469412147dc224eb32c

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
387488
x-guploader-uploadid
ADPycduivv5LNgHHtHtJVE8XIZb_Jm-72Z1aETf_m2RC1YP17j5mEYwbUsazTu3WuxsHp2dOyaZ0aCgIfwdGzwRJFbchEHfz7g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"429fa43f45910cfe799718c4bbff3590"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=SQHYZQ==, md5=Qp+kP0WRDP55lxjEu/81kA==
x-goog-generation
1625081944992473
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1211
cf-ray
6757bb64ef873140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
142.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/142.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1ac330d5dc44156e21d0e76ecd0b9887aebd3e22006a15620025ee91508e77

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycduF36xGH7rM9Sm_PZLy_V-wJOqJYQvg9kni6mB9H7jTGUPMZpLcDG5dTTX5sOws0Dq9FGr2f_HuKWP0GkIX3zg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"a5faa1e18c23880c4214ed6a59cb50c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=19vq5A==, md5=pfqh4YwjiAxCFO1qWctQxw==
x-goog-generation
1625081944028987
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1449
cf-ray
6757bb64ef8b3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
117.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/117.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2e9fa1d895e8cb88fb9ee3562acb6a1b9852158aa4793aa3a742097cc5556e

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycduTAzfC7OZ14XVcg5FNyfeKr9riBxJQ8SeVdXxQ5GO4d1QW65dl6MhxuuxgnTfsvDalWUDxlJEAjIJI8qoUunU
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"08d6a24fe7cd02502a5c03bc1d68e40e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=IIDB/w==, md5=CNaiT+fNAlAqXAO8HWjkDg==
x-goog-generation
1625081944372961
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
3263
cf-ray
6757bb64ef8c3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
108.svg
www.mlbstatic.com/team-logos/
4 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/108.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73a6c9523ac0a35a817516e13c4e96a7908dc0df389f01f8dba5d6c47d21e6

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116500
x-guploader-uploadid
ADPycdvIJb3QrkWLeWzPa8_6HPIse8msoP6Hf2FSFBm80dwxw1d3X6rXym8nwVHBoQBEIeyVql1MsWyLm1GWYNF7Kh5ghcXftw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"b9102af6d71181e2528bf77d3935c391"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=cy+L4g==, md5=uRAq9tcRgeJSi/d9OTXDkQ==
x-goog-generation
1625081944083197
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
3648
cf-ray
6757bb64ef8d3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
133.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/133.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598538b486eef1fc4834f0a88093fc03b26c558e264afc21f5c3c4b2ba209f0c

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycduyV1NlAGPdxQBPhaC_Ltib07b9ntKmsdabKvV_uaqJLDEkETew5nP8VHZBNBTkkwy7hi5l3Z_IWwkZJqvjZZU8jAdZeg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"0aaa068b0dc3187c369aab0025912036"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=UaFWCA==, md5=CqoGiw3DGHw2mqsAJZEgNg==
x-goog-generation
1625081944726546
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2853
cf-ray
6757bb64ef8f3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
136.svg
www.mlbstatic.com/team-logos/
28 KB
12 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/136.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9508331d23c9a20493210e9cd23d29978fc5e599efeffe6e180118885ff4d06

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1624998975
age
1116475
x-guploader-uploadid
ADPycdv99YJjRS1XGNl0UOBfYwJvcBybK84YRIk3BNdlvqYPWZFYO6x3cM7ExjRfSmMh8mujwCZW_eOlQnyS9tUQgmk
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"852a015c5679e9e22b19219d8d202cf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zpdyPw==, md5=hSoBXFZ56eIrGSGdjSAs9g==
x-goog-generation
1624998989373009
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=1209600
x-goog-stored-content-length
28186
cf-ray
6757bb64ef903140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
140.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/140.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775ec1e70b6655e087249f7306c8ea033c2cc5c52bd1da71339df02160190a38

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ABg5-Uxz1OEfpCyNYgkcbyUKqesz2vLUQ2FXrE4-EyyRkLnWI58Gt8SuFZyGPs_J_zkxGUbJQAWRflmjTowVkL3YZ4r5DrhItg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"15a787c4c0c5541f397cb3fac57ed40e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=pg+3lw==, md5=FaeHxMDFVB85fLP6xX7UDg==
x-goog-generation
1625081944005632
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1425
cf-ray
6757bb64ef913140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
144.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/144.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11162237c379e6e6e54916ee4eebe4407961b4d37293b71b21868077d1bead0d

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdsEocWN3d5csXdccqaj4U9uBi2G4Y5ZtdGBn0RJTVdrqOvIX34IkihT3aLZHjpeuLV4IeCWlIyFkevoDbn8TyL_gLCFxA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"8ee5fc842252079b034af176cb50a696"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FrIxUA==, md5=juX8hCJSB5sDSvF2y1Cmlg==
x-goog-generation
1625081944195998
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2652
cf-ray
6757bb64ef943140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
146.svg
www.mlbstatic.com/team-logos/
11 KB
5 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/146.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6e50ca9bad01e65aaeb0557d9e7b4dc94647aea42fdd2549643aca35a767df

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdtIxOo-YpHc-VdZEiriAOPwCerO6uejdIG85xnj2RF42LUodQaxOvfEFFpBIlus1f50xzCBlebjWzfYQ1m8_2Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"28b6cd9958b0801a614e6c5f62a28617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=t5DHaw==, md5=KLbNmViwgBphTmxfYqKGFw==
x-goog-generation
1625081944368782
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
11468
cf-ray
6757bb64efe53140-FRA
expires
Wed, 28 Jul 2021 19:45:41 GMT
121.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/121.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8214420e8588f91928f45829e9abd8c5ac30df6293a29597b1aa7cc9bc972e0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdvTifepPTjzPnOOp6kVOqqL6FomaFmvgLdVSd4VxZQH7heP3GqBiWSWnmylkLZeQm6eNdumO4em1jhozUxcoSEfDezYhw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:05 GMT
server
cloudflare
etag
W/"c4e36edef2a07dab01828a7aa2fc1383"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=NvRLuA==, md5=xONu3vKgfasBgop6ovwTgw==
x-goog-generation
1625081945491439
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2911
cf-ray
6757bb64efe73140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
143.svg
www.mlbstatic.com/team-logos/
2 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/143.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465da43739de56c09d5f8ec3328be11e9318f53959cc05979d3ab3d0a547a3bb

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdsrLz-WKh0OC9vP99uikv0L3VRwE8Sgflzy_A_WT35lN061zDWQi3T7nNivKgLugdm3QWxnNyaRM8rCbCcFj2DmEqm0ww
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"751b795dc00c03a2b38fb9b53eae4395"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yBi5QQ==, md5=dRt5XcAMA6Kzj7m1Pq5DlQ==
x-goog-generation
1625081944193244
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2516
cf-ray
6757bb64efe93140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
120.svg
www.mlbstatic.com/team-logos/
2 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/120.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e019986481b7844b548fe2d1cdc88a58815d0b1b8cbf22bd65fcf17f3458d8

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ABg5-UyChpnhrNkBUWVgSJ2Rr5o1DZZ_wFbV6wiq9qrJnzcRPICA4jYrCeyTaGHQcpiRAjqb60IVsL08zpqDwdtCM-BDHuatOw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:05 GMT
server
cloudflare
etag
W/"e6a690595896d45c1d0367514c2235ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=MUemzg==, md5=5qaQWViW1FwdA2dRTCI1rA==
x-goog-generation
1625081945684270
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1867
cf-ray
6757bb651ffd3140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
112.svg
www.mlbstatic.com/team-logos/
2 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/112.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe99678c053859b50adbbe769aade0011ed6b2349962a9963dcc0b6db162aef

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116500
x-guploader-uploadid
ADPycdt5wtwlAjEZP4ThuK3wbJt70S9O_gwwcASJ4N-CmO12ObPHMqGm96CTCWEoE-0jnFVP3x8L2M4svulpodN1Me1f2mnoJw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:05 GMT
server
cloudflare
etag
W/"0d4f7416967b83ac617166aa103abfb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8PwMeQ==, md5=DU90FpZ7g6xhcWaqEDq/uA==
x-goog-generation
1625081945036059
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2321
cf-ray
6757bb651ffe3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
113.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/113.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112b22efe0bb3f7352a0630068977526d2fbaf36c67a10683a8b2c9e966c1618

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdvZ7VRnqAc5BssLHc1V_JWdFMkQd2mQG_XUZMRKy7zkkWrsdgKZJSr6BeJNYg9xp2EHRbHkzZAhd1QUODQpPc0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:05 GMT
server
cloudflare
etag
W/"2afa0ad44f98e520b4606bad067f8124"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=sQjiLQ==, md5=KvoK1E+Y5SC0YGutBn+BJA==
x-goog-generation
1625081945149903
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1432
cf-ray
6757bb651fff3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
158.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/158.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9271da480f41d07eaa124a20dd4bc2dfaf879c17721b61bef9c45d8e6cc837d4

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1624482687
age
1116475
x-guploader-uploadid
ADPycdvSKClouyWG_Htbureh5V3Q9U560oN5Ei6d_eLSWFQ-hmIdGPF7TeyO-FcvcPdzKocyVJmlS1-bVQNZwyHDMcs
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"72b0887e861a2f64177f40e92f25215b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=SKAwdg==, md5=crCIfoYaL2QXf0DpLyUhWw==
x-goog-generation
1624482830474739
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=1209600
x-goog-stored-content-length
3351
cf-ray
6757bb6518003140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
134.svg
www.mlbstatic.com/team-logos/
846 B
873 B
Image
General
Full URL
https://www.mlbstatic.com/team-logos/134.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88e4a6bd86217dd2e1c66f48de97113a7edde01f03d7a9c280b6b05bd0ddaa3

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
387489
x-guploader-uploadid
ADPycdsz2gVjY193_Z9_ISwcykjszumNmJaNGn_AkB6V2U2nA1df9-sYb5vxstnPj5-bydqI9oJVT47Yu5SlGni_MThQArUsQA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"ec6ce0428815fd71910d3313433976d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0Ku4Zg==, md5=7GzgQogV/XGRDTMTQzl20A==
x-goog-generation
1625081943556479
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
846
cf-ray
6757bb6518033140-FRA
expires
Wed, 28 Jul 2021 19:45:42 GMT
138.svg
www.mlbstatic.com/team-logos/
2 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/138.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f1aa692b825d69521a724ca0848b337bd4fe57120daf3760a4e2eb12e3653d

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
387489
x-guploader-uploadid
ADPycdvmrdynb4_o_C-u4Wobk3AhTwwqxoGxkdtnd4-F3HygFpYhi52psMUZpKLjFyP7hHcj_x0qSWWgJ-u0jJ69RCUI-oav9Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"2b91c54555d7259ee0a40cab0488ce73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PPUd7A==, md5=K5HFRVXXJZ7gpAyrBIjOcw==
x-goog-generation
1625081943955589
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2481
cf-ray
6757bb6518043140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
109.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/109.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c5693d5263a34cbdb98d86327d637d2d9639365c8ccb602f4aba39127cdf3c6

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdvdkYssGWQZmYO99Udq328xeoxze3QmzJTfWEoxHvLp42VDQ9lzBTiyOwcyM0l0ClHVJr21FKhnVDMdakLhc5HAQ8SoIw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"3ed5fd3bb461fe90facd0ced55a42dfd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ofZW+A==, md5=PtX9O7Rh/pD6zQztVaQt/Q==
x-goog-generation
1625081943904322
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1531
cf-ray
6757bb6518063140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
115.svg
www.mlbstatic.com/team-logos/
3 KB
2 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/115.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ac929c740e482a4c62127cbb0b04c9aa48848f6481dcabfd66f7c064abdd47

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1624482687
age
1116475
x-guploader-uploadid
ADPycdukv5B8GyWexv2O1OWcX8xQ0XuxaRCoR1LsUZbBVQaP6giuOwMfvzo2qPB9Q5CCwDr8aMjsMSgl4H6c6nfGUJW3vBAGaQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:04 GMT
server
cloudflare
etag
W/"4e7745db19e101bf54680bba572c2df5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=GSy+jA==, md5=TndF2xnhAb9UaAu6Vywt9Q==
x-goog-generation
1624482864833942
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
2673
cf-ray
6757bb6518093140-FRA
expires
Wed, 28 Jul 2021 19:45:39 GMT
119.svg
www.mlbstatic.com/team-logos/
1 KB
930 B
Image
General
Full URL
https://www.mlbstatic.com/team-logos/119.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9840fd7c20fb4614a1797f1fcf9613586fb54dac49dbe4b894086aa07555280f

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdt6Z3nO1Ty9XXgtoqQLd9tSxTm9t04bMTHPHXhOIB15xCqTD3JgJtQ5D56c4mhZPerlcgBa_TVY_1pnh5GLYjI
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:06 GMT
server
cloudflare
etag
W/"e0ea2135c95851bde8914cf89d061df4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kzDMaw==, md5=4OohNclYUb3okUz4nQYd9A==
x-goog-generation
1625081946080228
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1188
cf-ray
6757bb65180a3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
135.svg
www.mlbstatic.com/team-logos/
1 KB
972 B
Image
General
Full URL
https://www.mlbstatic.com/team-logos/135.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d5f92ef4a58f097c74aedebb9fd1ff4270217d45b75ef7aa6eeded115131da

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycdvIK3GyqB_UggwW0kBfcGgzE_fJH0Fiwegt5lKSHCQcrdeAk-EVBvaKsL4ianUHn2aiSpv0A6DVOXOaRPUOZs0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"e4c262a3a6eac46e812785c5202fb924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=om++FA==, md5=5MJio6bqxG6BJ4XFIC+5JA==
x-goog-generation
1625081943594670
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1286
cf-ray
6757bb65180c3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
137.svg
www.mlbstatic.com/team-logos/
1 KB
1 KB
Image
General
Full URL
https://www.mlbstatic.com/team-logos/137.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d8deeb9e7dd172edae9c1a202bf91461d89a973dd243edddb99329cfe99f3c

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1625081928
age
1116475
x-guploader-uploadid
ADPycduhKKQgLh8uvsS1zu1b-9XPcUg2fVk8Vg5SgQBEO5_19ZrVtAC6uUziLjGICohIXFyr5ik4iO8G0GBb4oINMSqJklX3fw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 30 Jun 2021 19:39:03 GMT
server
cloudflare
etag
W/"aad69d2cd19903d1216e2477c8a26e7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1HbUrQ==, md5=qtadLNGZA9EhbiR3yKJueg==
x-goog-generation
1625081943739077
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1209600
x-goog-stored-content-length
1535
cf-ray
6757bb65180d3140-FRA
expires
Wed, 28 Jul 2021 19:45:40 GMT
form.css
cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/
19 KB
8 KB
Stylesheet
General
Full URL
https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.css
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3e69bd5b131c72158357096c1c23deb0aafd96ae29a85a87fe166a0e2ce33ed

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 13:43:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"396f74a187cfa233df13cd1a5ce26763"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id
G0or8deGnWp8-UBgz4b51aA1Wu-IIsrZQp9qt39c2TWGPCW2g9lqVg==
form.js
cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/
387 KB
77 KB
Script
General
Full URL
https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2c2dd8998ad048f07ab750af295741e70b5317cfba49cd7c340826137a3be2b

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 13:43:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"2f89a5baecd19c7bc44731dffd3aca5c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id
A8TQNt0KimAC6cLg0GY1Rq22GgShI5RwuJxG7KdkefPFcCSklFqBXg==
bgca.svg
www.mlbstatic.com/mlb.com/builds/site-core/6ba79ea6e6d26980b58bc4c45f9688f6c41d1c8e_1551285135/images/
20 KB
8 KB
Image
General
Full URL
https://www.mlbstatic.com/mlb.com/builds/site-core/6ba79ea6e6d26980b58bc4c45f9688f6c41d1c8e_1551285135/images/bgca.svg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a543740b01df1ff6c5e2aa73f182d3c4e21bf8bcca8be7b5c4cfeb21447373

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
422948
x-guploader-uploadid
ABg5-UxihZ3CVXH79Et37pE-zXptbyYtQZWZ7uqD15KqcQDXhYoerCOYIxDLfddu1cytvaoWFbZz72FPngCwilExV-vJfqohjg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Tue, 04 Feb 2020 12:07:22 GMT
server
cloudflare
etag
W/"58b9d85430f9608e7335541cd2c8ca84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=taaBNQ==, md5=WLnYVDD5YI5zNVQc0sjKhA==
x-goog-generation
1580818042884613
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=604800
x-goog-stored-content-length
20620
cf-ray
6757bb6518103140-FRA
expires
Fri, 23 Jul 2021 00:48:02 GMT
site-core.min.js
builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/
138 KB
50 KB
Script
General
Full URL
https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/site-core.min.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe9a677ee3e7fc70a17f214e444f214ab59931e7d045452aa2f8b418e8d1fde

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10867
x-guploader-uploadid
ADPycdtFl3iJAgXF7GEcy4H4tK3CZVn7Yy1CVrqSg4NXgX-sqc5iym__sELAbD99nJ1lBp-uLUWB_wNuFV7-ZEKhax4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
content-length
50725
last-modified
Sun, 18 Jul 2021 20:33:08 GMT
server
cloudflare
etag
"b7f887c1f6e6bd328564a4d3de32c789"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xX8N2w==, md5=t/iHwfbmvTKFZKTT3jLHiQ==
x-goog-generation
1626640388154523
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
50725
accept-ranges
bytes
cf-ray
6757bb64eb03431b-FRA
expires
Tue, 27 Jul 2021 20:42:51 GMT
AppMeasurement-mlb.js
www.mlbstatic.com/mlb.com/adobe-analytics/
23 KB
8 KB
Script
General
Full URL
https://www.mlbstatic.com/mlb.com/adobe-analytics/AppMeasurement-mlb.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e7135d5a3970391bcb1f4427827dcfd1cdf0767fe1849720b5992de14e712a

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1626362455
age
20775
x-guploader-uploadid
ADPycdt7Iv3_8ddQeM_N6eKEo-9W4XfJXZ_v1i9EOMXt7hXLVEM2VUU14mGE1Nwu_sLlBfAW8ZVZtZNl8kkIP5i1Dq8
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 15 Jul 2021 15:21:03 GMT
server
cloudflare
etag
W/"405485302a4381706ca7f6a51f780ad4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=NbwztA==, md5=QFSFMCpDgXBsp/alH3gK1A==
x-goog-generation
1626362463660488
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600
x-goog-stored-content-length
23161
cf-ray
6757bb64ef723140-FRA
expires
Tue, 27 Jul 2021 15:48:48 GMT
AppMeasurement.js
www.mlbstatic.com/mlb.com/adobe-analytics/
62 KB
23 KB
Script
General
Full URL
https://www.mlbstatic.com/mlb.com/adobe-analytics/AppMeasurement.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc39d04333adbbbcaee077c62ebe63b975db91869cde6a5bfb7feeed4f200227

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1616435668
age
19612
x-guploader-uploadid
ABg5-UxTfR4KqttalKBduu-OIvfrI_mYOb-7m1sQPAWh2zSqLs5TSbj1LNMOOMa0URZya5NkGwNciOhdlaTVMEtSyaIzGJOpmg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 22 Mar 2021 17:54:39 GMT
server
cloudflare
etag
W/"3599d9d60784130b4956628b50eb6ecd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Kt3mKQ==, md5=NZnZ1geEEwtJVmKLUOtuzQ==
x-goog-generation
1616435679167859
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=21600
x-goog-stored-content-length
63926
cf-ray
6757bb64ef753140-FRA
expires
Tue, 27 Jul 2021 16:04:24 GMT
id
dpm.demdex.net/
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A65F776A5245B01B0A490D44%40AdobeOrg&d_nsid=0&ts=1627408456423
Requested by
Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a0ca38e753c57ed8f0d05e0be3ccdbbcf57f37062bcfb672ba1d6c55b8a2ab71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v012-0d2ac0246.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
NMpB00/GRW4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.mlb.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1404
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rja6bo8zd.js
cdn.krxd.net/controltag/
22 KB
6 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/rja6bo8zd.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
470707f75483b5f7d771528c3a25fef49334afb13468d1e108fadc99c4052b25

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 27 Jul 2021 17:54:16 GMT
via
1.1 varnish, 1.1 varnish
age
885
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5290
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5132-BWI, cache-fra19138-FRA
x-response-time
1
x-do-esi
esi
x-timer
S1627408457.566369,VS0,VE1
etag
"6682001e082d6f440e33b74f6fb5bc4c65153cfc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 5, 1
proxima-nova-medium.woff2
www.mlbstatic.com/mlb.com/fonts/
86 KB
86 KB
Font
General
Full URL
https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-medium.woff2
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/styles/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2797770bdbe2a8d3c7a5fa994715ef1d5429e0f64e56d73e443473723f46b3bc

Request headers

Origin
https://www.mlb.com
Referer
https://builds.mlbstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
cf-cache-status
HIT
age
8320898
x-guploader-uploadid
ABg5-UzW0rDd5izudoeNksudyl1p88FCe2Ef_fy3ig_ha_QcfchRK1J66BjcBl7rrWO0OGMeKtGDmWRt6YRuYhugDgfIsuyRBQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
font/woff2
content-length
87648
last-modified
Tue, 24 Mar 2020 21:03:33 GMT
server
cloudflare
etag
"aff88f43ed7e46a19af01254f838372d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FgW5Uw==, md5=r/iPQ+1+RqGa8BJU+Dg3LQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1585083813243480
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
87648
accept-ranges
bytes
cf-ray
6757bb650cb54a91-FRA
expires
Thu, 04 Nov 2021 09:21:43 GMT
web-vitals.es5.min.js
unpkg.com/web-vitals@0.2.4/dist/
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@0.2.4/dist/web-vitals.es5.min.js?module
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5ba0bf6ef5c7c5f7d88e23576a710d8b815eb6dca299be64de090197f52c1d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10961140
x-powered-by
Express
vary
Accept-Encoding
server
cloudflare
etag
W/"ec3-v6tFuXU0cfkzIKsxLIHkQhK/ns0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
125546f2e9839f019f28849ac1929ffd
cache-control
public, max-age=31536000
cf-ray
6757bb6559a34e2b-FRA
moatheader.js
z.moatads.com/mlbheader874053601219/
209 KB
73 KB
Script
General
Full URL
https://z.moatads.com/mlbheader874053601219/moatheader.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f8d1384fe847558bc9b4d3ae6f902d694d5ebe3effb2f077f0e58bcb5f96adb4

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 19:32:08 GMT
server
AmazonS3
x-amz-request-id
CRCVN5SXHBVFKJKC
etag
"5d224b3dfb20c1221d3e935440e39cf2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=33836
accept-ranges
bytes
content-length
74772
x-amz-id-2
plbWFKjRy091FkEMgSdlZv8Un6YQk5Rmezo+RzGUoGm/hU89JhZ/N/QAV/nIIcqC1URyLARxVWc=
sync.js
sync.getpublica.com/
12 KB
5 KB
Script
General
Full URL
https://sync.getpublica.com/sync.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD6MQQP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91334cdcfe6d4d7383242be8d537d18b4287cc2dd5ed03686da1550601893ab6

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:45:39 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 16:57:06 GMT
server
AmazonS3
age
673718
etag
W/"be46e57077436902de2fa4928df87f5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
o1LqSKqDazdXMVJZpgHe7hTpblTslHl9Po2AjspDds8RpBx4gP_STg==
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13913
x-xss-protection
0
server
cafe
etag
9921229738351535883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Jul 2021 17:54:16 GMT
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ9RZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
via
1.1 varnish
last-modified
Mon, 12 Jul 2021 21:25:31 GMT
age
64028
etag
"65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1958
x-timer
S1627408457.684114,VS0,VE0
x-served-by
cache-fra19137-FRA
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6174
date
Tue, 27 Jul 2021 16:11:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 27 Jul 2021 18:11:22 GMT
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
last-modified
Tue, 20 Jul 2021 18:24:21 GMT
x-msedge-ref
Ref A: DB229288476C428480C8187B6B658402 Ref B: FRAEDGE1221 Ref C: 2021-07-27T17:54:16Z
etag
"80b87575947dd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9014
Cookie set iu3
s.amazon-adsystem.com/ Frame 7749
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D310905773...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D310905773...
582 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f94232a3cc2460813a3e6c012dbcd2351cb7bb0acd8e308a4e71d03ad612a209
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
s.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.mlb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A6Wm47Rvp0uWs9I4GoJ3Ybc|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

Server
Server
Date
Tue, 27 Jul 2021 17:54:17 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
582
Connection
keep-alive
x-amz-rid
SXSSQADCNM6FDYQQ7BT4
Set-Cookie
ad-id=A6Wm47Rvp0uWs9I4GoJ3Ybc; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 17:54:17 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 17:54:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Tue, 27 Jul 2021 17:54:16 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
6Q086D6ZD81RD7N507XS
Set-Cookie
ad-id=A6Wm47Rvp0uWs9I4GoJ3Ybc|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 17:54:16 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
scevent.min.js
sc-static.net/
15 KB
6 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
PRG50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5873
via
1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
x-amz-cf-id
nb1_dBGcJhW7aPvtzQn6IGIv2t-lLu8Ro0IAmYRG71JPdDjenm4aAQ==
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 03 Aug 2021 17:54:16 GMT
fbevents.js
connect.facebook.net/en_US/
95 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
1fj2YcqzQBM5L65s5B0liy+NuJQ6haOn4w/f8Lj8YPb2w0dtmkCAMeUY9Ix6x7oZ1KXJkhr9Yk2Euuu64G7d2A==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Tue, 27 Jul 2021 17:54:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
cdn.krxd.net/ctjs/
249 KB
80 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/rja6bo8zd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
age
1273793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
3206
content-length
81295
x-served-by
cache-fra19138-FRA
last-modified
Wed, 11 Mar 2020 14:15:55 GMT
x-timer
S1627408457.637849,VS0,VE0
etag
"e4cdf7ad64ebac73f207c1ce55cc1727"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Sat, 09 Mar 2030 14:15:54 GMT
collect
stats.g.doubleclick.net/j/
4 B
86 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-136513251-1&cid=1520865501.1627408457&jid=1005238304&gjid=241744270&_gid=1422078819.1627408457&_u=YGBAgUABAAAAAE~&z=4920428
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Jul 2021 17:54:16 GMT
content-type
text/plain
access-control-allow-origin
https://www.mlb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=1936151801&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&dr=%2F&dp=%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%2F%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&ul=en-us&de=UTF-8&dt=GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=1005238304&gjid=241744270&cid=1520865501.1627408457&tid=UA-136513251-1&_gid=1422078819.1627408457&gtm=2wg7l1TGJ9RZ&cg1=MLB&cg2=forms&cd1=GTM-TGJ9RZ&cd2=147&cd3=&cd5=Tue%20Jul%2027%202021%2019%3A54%3A16%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd6=1627408456595.bcl1z4q9&cd7=-2&cd8=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd9=en&cd10=desktop&cd12=GA%20Page%20View%20-%20Core%20Page%20View&cd13=MLBsite&cd18=MLB&cd43=forms&cd44=zh-20210727-443722-mlb-1-A&cd45=&cd15=1520865501.1627408457&z=1072388512
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 20:42:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76334
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2892474421069407
connect.facebook.net/signals/config/
260 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2892474421069407?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d550370c35a7b384f0537d1d4fa2094c3b23af4a09c5baaaadccf114b0fa3585
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75746
x-xss-protection
0
pragma
public
x-fb-debug
4/h3fvCs7vKfJqf3biWcUx5Ge/qA8z+xnGTkCNQYPzsdWQilPLUe1UTWTgu9SkysejqC2nWdvhHgxZlrFopuQw==
x-frame-options
DENY
date
Tue, 27 Jul 2021 17:54:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-Ms-zd1Whjf6AU.js
rules.quantcount.com/
7 KB
2 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-Ms-zd1Whjf6AU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa37d96a5c78efb88191c3285d7b5f9d308ac1addce868810f56bffe4b2858ba

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 16:57:54 GMT
content-encoding
gzip
age
3476
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 14 Jul 2020 16:20:29 GMT
server
AmazonS3
etag
W/"71a0ae12f3ea6004cce2adba0e701919"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
QhuerZ0I79sNwvOUE34Mq-efSsczqZRm4HeMxPsXAV0qPkd49biV5g==
ga-audiences
www.google.com/ads/
42 B
111 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-136513251-1&cid=1520865501.1627408457&jid=1005238304&_u=YGBAgUABAAAAAE~&z=1295133574
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-136513251-1&cid=1520865501.1627408457&jid=1005238304&_u=YGBAgUABAAAAAE~&z=1295133574
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26053341.js
bat.bing.com/p/action/
0
150 B
Script
General
Full URL
https://bat.bing.com/p/action/26053341.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Jul 2021 17:54:16 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 981FE9B89C6E407798298ECBA799D152 Ref B: FRAEDGE1221 Ref C: 2021-07-27T17:54:16Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2892474421069407&ev=PageView&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408456676&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 27 Jul 2021 17:54:16 GMT
dest5.html
mlb.demdex.net/ Frame 5753
7 KB
3 KB
Document
General
Full URL
https://mlb.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.73.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
mlb.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.mlb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=18148237789413544872938087795499804871
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 27 Jul 2021 17:54:16 GMT
DCS
dcs-prod-irl1-1-v012-0a778d318.edge-irl1.demdex.com 6.3.1.20210623115127
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 2 Jul 2021 08:33:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
KYcMXWdtQNs=
Content-Length
2791
Connection
keep-alive
id
ans.mlb.com/
48 B
505 B
XHR
General
Full URL
https://ans.mlb.com/id?d_visid_ver=3.0.0&d_fieldgroup=A&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&mid=18250880675735486232935678700526563199&ts=1627408456684
Requested by
Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
36773a1d1f54c9dd9d88b75a0cd6ca9cdb96394eda71459f99c61d3f0bd30485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-58944c9887-xglsq
vary
Origin
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.mlb.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YQBISAAAAKsw5hHl
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=18148237789413544872938087795499804871
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQBISAAAAKsw5hHl
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQBISAAAAKsw5hHl
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-037df3aea.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MIRquqdaRjA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQBISAAAAKsw5hHl
Date
Tue, 27 Jul 2021 17:54:16 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixel;r=877228259;labels=_fp.event.Default;rf=0;a=p-Ms-zd1Whjf6AU;url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qi...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=877228259;labels=_fp.event.Default;rf=0;a=p-Ms-zd1Whjf6AU;url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352;uht=2;fpan=1;fpa=P0-519600153-1627408456689;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=mlb.com;je=0;sr=1600x1200x24;dst=1;et=1627408456689;tzo=-120;ogl=description.Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%2Ctitle.GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%2Cimage.https%3A%2F%2Fwww%252Emlbstatic%252Ecom%2Fteam-logos%2Fshare%2Fmlb%252Ejpg%3Fv%3D2%2Csite_name.MLB%252Ecom%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Emlb%252Ecom%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1022743323/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1022743323/?random=1627408456731&cv=9&fst=1627408456731&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&tiba=GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19fb9d0dc218a87c6cf9321f55cc8d9c02b99a5b7c45417e81816ab09d0ddf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1186
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usersync
usersync.getpublica.com/ Frame 6150
1003 B
1 KB
Document
General
Full URL
https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Requested by
Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6d54fda040266105163f5ae40902f5c7e6ba17b9923b3c207c1380437006d49f

Request headers

Host
usersync.getpublica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.mlb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Expires
0
Pragma
no-cache
Set-Cookie
p_uid=7761a23f-a1b2-48cd-8e6e-746a71e19d38; Path=/; Domain=getpublica.com; Expires=Sat, 25 Sep 2021 17:54:17 GMT; Max-Age=5184000; Secure; SameSite=None
Vary
Origin
Date
Tue, 27 Jul 2021 17:54:17 GMT
Content-Length
1003
Content-Type
text/html; charset=utf-8
adsct
t.co/i/
43 B
454 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nwb6i&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 27 Jul 2021 17:54:16 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
9cb8836c99a24973ac37f40dfb2577e4a6ad6be613cd0a9c4fe000c45096b4a6
x-transaction
2a6a6ee65088c936
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/1022743323/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1022743323/?random=1627408456731&cv=9&fst=1627405200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&frm=0&url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&tiba=GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com&async=1&fmt=3&is_vtc=1&random=3700345768&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1022743323/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1022743323/?random=1627408456731&cv=9&fst=1627405200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7l1&sendb=1&frm=0&url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&tiba=GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com&async=1&fmt=3&is_vtc=1&random=3700345768&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
mb.moatads.com/yi/
353 B
528 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-oriDNgRTPmCpsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-2A%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&pcode=mlbheader874053601219&callback=MoatNadoAllJsonpRequest_92096283
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mlbheader874053601219/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TornadoServer/4.5.3 /
Resource Hash
dcdc859049b5ebbc3fe18a7650df197555253fb75c0bc6c266d98eb5aab3555e

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"95381e23b4262ebee9e532c63bfacccc34bc056a"
content-length
353
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
113 B
288 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-oriDNgRTPmCpsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-2A%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&pcode=mlbheader874053601219&ql=&qo=0&i=MLB_HEADER1&hp=1&wf=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1627408456795&de=840469717147&rx=497255628192&m=0&ar=29ad59d-clean&iw=306bc21&q=1&cb=0&cu=1627408456795&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatAdUnit3=-&zMoatAdUnit4=-&zMoatAdUnit5=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&id=1&ii=4&bo=undefined&bd=undefined&gw=mlbheader874053601219&fd=1&ac=1&it=500&pe=1%3A1094%3A-%3A0%3A0&fs=193224&na=1473428251&cs=0&callback=MoatDataJsonpRequest_92096283
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mlbheader874053601219/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.226.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TornadoServer/4.5.3 /
Resource Hash
9864936e544a8f85c3390426a1f57c772700cbcdd58443c1c3c41aa1f371e476

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"ad4ec00f64f7ee66a2137655e644a213c27985e1"
content-length
113
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&t=1627408456795&de=644634296372&d=MLB_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&sgs=5&ar=29ad59d-clean&iw=306bc21&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=mlb.com&bd=mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes&ac=1&bq=11&f=0&na=771580605&cs=0
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 27 Jul 2021 17:54:16 GMT
delivery
mlbadvancedmedialp.tt.omtrdc.net/rest/v1/
291 B
511 B
XHR
General
Full URL
https://mlbadvancedmedialp.tt.omtrdc.net/rest/v1/delivery?client=mlbadvancedmedialp&sessionId=022a1256011a4e588b76200a2ac71708&version=2.3.0
Requested by
Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/target/2.3.0/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f3aa944271577ba2029a9470123e93a8832f05263d69f4a5486215a73f88eda5

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlb.com
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
063a15dc3e33c2f07ab63cb27c682ff2
content-type
application/json;charset=UTF-8
8a5beb1e-7c54-4a9b-802f-9b064436798e
consumer.krxd.net/consent/get/
233 B
430 B
Script
General
Full URL
https://consumer.krxd.net/consent/get/8a5beb1e-7c54-4a9b-802f-9b064436798e?idt=device&dt=kxcookie&callback=Krux.ns.mlb.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64043c475d7580abd009a1341505eadc10dbe8e825772cce2a4befde3a6ed5e2

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:16 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a012-dub-prod.krxd.net, cache-fra19136-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1627408457.956820,VS0,VE23
content-length
191
x-cache-hits
0, 0
ibs:dpid=21&dpuuid=164910903860000449005
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=18148237789413544872938087795499804871
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=164910903860000449005
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164910903860000449005
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-070ade798.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dM4e8tXYTIU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:17 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164910903860000449005
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/
322 KB
323 KB
Image
General
Full URL
https://mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58789936f057975399b169076f37d04d334ec7016da5726854850acd1147fcfc

Request headers

Referer
https://cdn.bam-forms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1626984400
x-guploader-uploadid
ADPycdtsBuHlnM3TGpFbsiGe9-KK27MTl4QN4px-H5KU-brxs20MqLi6ayKyQ21-OEpOeSTHk6Wz3ShTLbv9zcqUqQHAewsnAw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
330209
expires
Tue, 27 Jul 2021 17:56:25 GMT
last-modified
Thu, 22 Jul 2021 20:06:51 GMT
server
cloudflare
etag
"c6d78b262b253463b766fdba042c310d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lLw8wg==, md5=xteLJislNGO3Zv26BCwxDQ==
x-goog-generation
1626984411674950
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=300
x-goog-stored-content-length
330209
accept-ranges
bytes
cf-ray
6757bb691ad84a55-FRA
cf-bgj
h2pri
truncated
/
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
581c27864594ec355870c8348ca71e04b90b1d54066652ef4c13465fb40b1aed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
r2
sb.scorecardresearch.com/
Redirect Chain
  • https://ans.mlb.com/b/ss/mlbglobal08,mlbcom08/10/JS-2.7.0/s56167722756262?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=27%2F6%2F2021%2019%3A54%3A17%202%20-120&d.&nsid=0&jsonv=1&.d&sdid=58...
  • https://sb.scorecardresearch.com/r?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-...
  • https://sb.scorecardresearch.com/r2?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh...
48 B
316 B
Script
General
Full URL
https://sb.scorecardresearch.com/r2?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ee403944cf9c0065eee14f507f8eb887d8e333c8627d7347e137380f46a88938

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"30-K3w/+rPqfRuZ+eZGax9xsuNr3hM"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
48
x-amz-cf-id
ZXr7EWTRjhlYM9dKdvN4V_1U4zj-IPwEDE0YCJHgyyvY6GuG6cDxAQ==

Redirect headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/r2?c2=3005352&d.c=gif&d.o=mlbglobal08&d.x=3269405573&d.t=page&d.u=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352
content-length
393
x-amz-cf-id
aJ15GW0AN809-UkKmjMfNTo6rEIfqingJpRxvXbOkhm1tv5ev7oIAQ==
adsct
analytics.twitter.com/i/
31 B
659 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nwb6i&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 27 Jul 2021 17:54:17 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
ababc21401871825582d62ade1e71ff18d5c3bb965ad34f4cab0ff3c6ec47a06
x-transaction
44fcd8a5f92f4702
expires
Tue, 31 Mar 1981 05:00:00 GMT
availability.json
cdn.bam-forms.com/service/
72 B
465 B
XHR
General
Full URL
https://cdn.bam-forms.com/service/availability.json
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52b400bb4af7cff3dbc0d0c9ca5be3389a6ab84070cd21738dd21166f0be9611

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified
Wed, 05 Feb 2020 11:21:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"1ee8a0ed11a0b305b51ade12c37894db"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
72
x-amz-cf-id
swP2QgbnhjbvFc9koLOFBpcm3XnZA_-ws2IMPKrQPHJpT9gwr9peZQ==
api.js
www.google.com/recaptcha/
930 B
616 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=__BamFormsUiCaptcha_1_fieldkrf1qhwu&render=explicit&hl=en
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
177ea786c7d22b9292f50b776b84a5d951981cc5264fcf51d5781093d34b58e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
595
x-xss-protection
1; mode=block
expires
Tue, 27 Jul 2021 17:54:17 GMT
0001626983394644-cab69ce4ffff9d12-0001.jpg
cdn.bam-forms.com/images/
433 KB
433 KB
Image
General
Full URL
https://cdn.bam-forms.com/images/0001626983394644-cab69ce4ffff9d12-0001.jpg
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
213a6116e66c198a32090e09ab965f9565a940285908c6749a2a8ed40e46fc42

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified
Thu, 22 Jul 2021 19:49:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"94c5bad7a8b44ee05d99ddcad8eb4cf9"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
443008
x-amz-cf-id
2gLJgWIoIN7U9wqa96-aAqrIX4jtG5shI5mQq_N1-qpc-OGHFKtHEQ==
0
bat.bing.com/action/
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26053341&Ver=2&mid=3cbd8cd6-c78e-4897-a234-99e2d6440681&sid=a96f3b00ef0311eb8e8519362787cc10&vid=a96f6440ef0311eb842799c4a5f56d07&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com&kw=MLB,%20Baseball,%20Major%20League%20Baseball&p=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&r=&lt=1709&evt=pageLoad&msclkid=N&sv=1&rn=310542
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 1B9280CD87194C2C85BEE87DEFDE1E1B Ref B: FRAEDGE1221 Ref C: 2021-07-27T17:54:17Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
site-desktop.min.js
builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/
2 MB
726 KB
Script
General
Full URL
https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/site-core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c176a0dc795909f449ab7843140e10b962220b2179e09ce6bf1cb9232d2a263

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10680
x-guploader-uploadid
ADPycduygBmjKidqg6-xFnNEQzzuhyMY2tUehrsl26GMvKmoJCz758cYzsd5KUBDQWOP5-eNhRhsYeC0A8gskyJlE9I
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
content-length
741895
last-modified
Sun, 18 Jul 2021 20:33:08 GMT
server
cloudflare
etag
"a6aff86013ef97c7ce09f7efa141d55a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=nrKofg==, md5=pq/4YBPvl8fOCffvoUHVWg==
x-goog-generation
1626640388619584
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
741895
accept-ranges
bytes
cf-ray
6757bb693e41431b-FRA
expires
Tue, 27 Jul 2021 20:42:55 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb4f8ad1c77d76c76fec82ee2bb6ec3709d9d724e09f447327d62cc590aa067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ElyA2tEJE7gBmVkJbkUH5A==
age
3865
vary
Accept-Encoding
content-length
6319
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:42 GMT
server
cloudflare
etag
0x8D94D7D65E6FA72
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1ff76ed5-101e-0024-1f7e-7f41a8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb695b444de8-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
23 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vK1pqwR5vAdncTOZa1Txzw==
age
3857
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 29 Jun 2021 08:52:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1ddce9b3-b01e-0044-76d0-6c048a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6757bb695b464de8-FRA
1737068226554254
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1737068226554254?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
283258613224359d0a24f0234f6113e6a5888d1ca1c49c9f22783aab0c3713f7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75949
x-xss-protection
0
pragma
public
x-fb-debug
dTKBDwMn0aqEfRwDhtlAEV5OVJmBb0mNdQTMeDa49JXmt+rTJaGOZQjLR6CrVzy1HDJ5jAnNMF0HdBPCFP6Ufg==
x-frame-options
DENY
date
Tue, 27 Jul 2021 17:54:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
p13n.min.js
cdn.boomtrain.com/p13n/mlb/
73 KB
24 KB
Script
General
Full URL
https://cdn.boomtrain.com/p13n/mlb/p13n.min.js
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-9.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6919ef96ba76483f2f0418538556d535e2546873e9822016664088069ca16720

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UmjHfLbKXiCi7MbeYRVYGenmFiwwk5TW
Content-Encoding
gzip
ETag
W/"9f1a22904f33218768a696d260d8173c"
Age
1986
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 21 Jul 2021 03:12:16 GMT
Server
AmazonS3
Date
Tue, 27 Jul 2021 17:21:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Cache-Control
public, max-age=3600
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
Z4EQkBf9CA83dva6E0opzdiEGGcQzMYKizWUWggrGrOW-gGvHtQNpg==
ibs:dpid=477&dpuuid=885c49b9d1570ae989bf849e61b32438a8930f300158a6d05be6f2de572dd047b0da87c991749652
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=18148237789413544872938087795499804871
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTgxNDgyMzc3ODk0MTM1NDQ4NzI5MzgwODc3OTU0OTk4MDQ4NzEQABoNCMmQgYgGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=885c49b9d1570ae989bf849e61b32438a8930f300158a6d05be6f2de572dd047b0da87c991749652
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=885c49b9d1570ae989bf849e61b32438a8930f300158a6d05be6f2de572dd047b0da87c991749652
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-037df3aea.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KwXQyCEFRK0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=885c49b9d1570ae989bf849e61b32438a8930f300158a6d05be6f2de572dd047b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__BamFormsUiCaptcha_1_fieldkrf1qhwu&render=explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 14:29:16 GMT
87e3b067-33e7-4a28-84ad-4aaeb74b4d5a.json
cdn.cookielaw.org/consent/87e3b067-33e7-4a28-84ad-4aaeb74b4d5a/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/87e3b067-33e7-4a28-84ad-4aaeb74b4d5a/87e3b067-33e7-4a28-84ad-4aaeb74b4d5a.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2277c6d948d116466cb8a6cbca5bb7bf145f1f5b3fc001dd719019b2968a4c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FEzsj0/ABl1PjKHINYey1Q==
age
3244
vary
Accept-Encoding
content-length
1293
x-ms-lease-status
unlocked
last-modified
Thu, 01 Oct 2020 20:00:54 GMT
server
cloudflare
etag
0x8D86644B43ADC87
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
39f9cd81-201e-008d-7df6-259440000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb69ae4d0605-FRA
284946448544018
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/284946448544018?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d62e2b78517e495fde3098768fe575b846b4c89ee748caa9cb402e695551b9be
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75999
x-xss-protection
0
pragma
public
x-fb-debug
1AIeWbw7dnZ/FlF/6xtrgtwmgrObnPlwiTXKGKV1Kn+0IJ6xClEctptFPvUni5hQaU9T05kblnterWMTZrPkbg==
x-frame-options
DENY
date
Tue, 27 Jul 2021 17:54:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1737068226554254&ev=PageView&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408457215&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Jul 2021 17:54:17 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
162 B
371 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6757bb69db00975a-FRA
pr
s.amazon-adsystem.com/v3/ Frame DAEA
5 KB
6 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1ebb4e364be58859d03e5b76c143dfc843e7a8f54ff64a533cde8392c4f86d30
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
s.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A6Wm47Rvp0uWs9I4GoJ3Ybc; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Df676acbf-94c1-b002-cf3b-a141543520c3%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.mlb.com/&ex-hargs=v%3D1.0%3Bc%3D3109057730001%3Bp%3DF676ACBF-94C1-B002-CF3B-A141543520C3&cb=821069144340093300&dcc=t

Response headers

Server
Server
Date
Tue, 27 Jul 2021 17:54:17 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
5180
Connection
keep-alive
x-amz-rid
FY06BHBE6J7ZM631BZGX
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
201 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6757bb69db01975a-FRA
anchor
www.google.com/recaptcha/api2/ Frame FC2D
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9817291427e84ea6c1d7416b3bb13a4cd5874e2f0cb1a4f7408cea201537cf31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BVo+oIViGec3W4ob3kH9kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 27 Jul 2021 17:54:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-BVo+oIViGec3W4ob3kH9kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20559
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=284946448544018&ev=PageView&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408457281&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Jul 2021 17:54:17 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2892474421069407&ev=Microdata&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408457282&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com%22%2C%22meta%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22meta%3Akeywords%22%3A%22MLB%2C%20Baseball%2C%20Major%20League%20Baseball%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22og%3Atitle%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mlbstatic.com%2Fteam-logos%2Fshare%2Fmlb.jpg%3Fv%3D2%22%2C%22og%3Asite_name%22%3A%22MLB.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Jul 2021 17:54:17 GMT
usermatch
usersync.getpublica.com/ Frame 6150
Redirect Chain
  • https://pixel.advertising.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=
  • https://pixel.advertising.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328
  • https://ups.analytics.yahoo.com/ups/58402/sync?redir=true&gdpr=&gdpr_consent=&gdpr=&us_privacy=&consent=&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328&verify=true
  • https://usersync.getpublica.com/usermatch?provider=verizon&VerizonID=y-PcTB1tFE2uLqFz4SqGGEOxulohLKZRHn~A~UPa9b258a8-ef03-11eb-b64b-0288ce60e328
0
198 B
Image
General
Full URL
https://usersync.getpublica.com/usermatch?provider=verizon&VerizonID=y-PcTB1tFE2uLqFz4SqGGEOxulohLKZRHn~A~UPa9b258a8-ef03-11eb-b64b-0288ce60e328
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usersync.getpublica.com/usermatch?provider=verizon&VerizonID=y-PcTB1tFE2uLqFz4SqGGEOxulohLKZRHn~A~UPa9b258a8-ef03-11eb-b64b-0288ce60e328
Connection
keep-alive
Content-Length
0
usermatch
usersync.getpublica.com/ Frame 6150
Redirect Chain
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=$UID&gdpr=&us_privacy=&consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dappnexus%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26appnexusID%3D%24UID%26gdpr%3D%26us_pri...
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=133935750687525088&gdpr=&us_privacy=&consent=
0
198 B
Image
General
Full URL
https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=133935750687525088&gdpr=&us_privacy=&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
93e973cc-2b02-46f6-904f-28cbf5543d9c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.getpublica.com/usermatch?provider=appnexus&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&appnexusID=133935750687525088&gdpr=&us_privacy=&consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 6150
43 B
734 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1297&userId=7761a23f-a1b2-48cd-8e6e-746a71e19d38&gdpr=&us_privacy=&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1627408457461081-408
Expires
Tue, 27 Jul 2021 17:54:17 GMT
usermatch
usersync.getpublica.com/ Frame 6150
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26Pubm...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=&gdpr_consent=&rd=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dpubmatic%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26Pubm...
  • https://usersync.getpublica.com/usermatch?provider=pubmatic&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&PubmaticID=88948515-A201-4C81-9ED1-2B0A62DB659F
0
198 B
Image
General
Full URL
https://usersync.getpublica.com/usermatch?provider=pubmatic&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&PubmaticID=88948515-A201-4C81-9ED1-2B0A62DB659F
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

location
https://usersync.getpublica.com/usermatch?provider=pubmatic&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&PubmaticID=88948515-A201-4C81-9ED1-2B0A62DB659F
date
Tue, 27 Jul 2021 17:54:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
usermatch
usersync.getpublica.com/ Frame 6150
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190692&cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26IndexID%3D&gdpr=&us_p...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dindex%26did%3D7761a23f-a1b2-48cd-8e6e-746a71e19d38%26IndexID%3D&consent=&gdpr=&s=19...
  • https://usersync.getpublica.com/usermatch?provider=index&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&IndexID=YQBISSfrJIledqzVo_VFmgAABF8AAAIB
0
198 B
Image
General
Full URL
https://usersync.getpublica.com/usermatch?provider=index&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&IndexID=YQBISSfrJIledqzVo_VFmgAABF8AAAIB
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.55.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://usersync.getpublica.com/usermatch?provider=index&did=7761a23f-a1b2-48cd-8e6e-746a71e19d38&IndexID=YQBISSfrJIledqzVo_VFmgAABF8AAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
330
Expires
Tue, 27 Jul 2021 17:54:17 GMT
/
dp2.33across.com/ps/ Frame 5753
0
70 B
Image
General
Full URL
https://dp2.33across.com/ps/?pid=897&random=182460768
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
20008
date
Tue, 27 Jul 2021 17:54:17 GMT
server
33XP005
pb.js
acdn.adnxs.com/prebid/c/mlb_prebidv1/
316 KB
89 KB
Script
General
Full URL
https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
9528e470863e4c719859035f1ceb4d9376571426a39f2dd5e4242dd15222e547

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 17:54:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 21:36:49 GMT
Server
nginx/1.13.10
ETag
"605bb0f1-4ef8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
90622
Expires
Wed, 28 Jul 2021 17:54:19 GMT
gpt.js
www.googletagservices.com/tag/js/
70 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6674aa15377dcc243d09c1cdb2a61f8bbed49ea0561679ab4e4f5cada4435907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"941 / 427 of 1000 / last-modified: 1627384227"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24814
x-xss-protection
0
expires
Tue, 27 Jul 2021 17:54:17 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 17:54:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6752)
Age
951
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
main.js
builds.mlbstatic.com/mlb.com/sections/forms/builds/dfdb682d05a2f27c91a16552487eb5bf7597d5cf_1586807239/scripts/
817 B
800 B
Script
General
Full URL
https://builds.mlbstatic.com/mlb.com/sections/forms/builds/dfdb682d05a2f27c91a16552487eb5bf7597d5cf_1586807239/scripts/main.js
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/site-core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cad71faf85122d34e94d72122b1c455b00252893cba575bc3dfa42948091c0e9

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
68924
x-guploader-uploadid
ABg5-UyeI8Zw7vCCzqLYFTlzMFU9X7_G71OyiLYxyV1b5W6g5aUINxe6t8mlWE2WGt8-37ercZ-i3-P6DN4Tt8swAw6zJVIj2Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript; charset=utf-8
content-length
534
last-modified
Mon, 13 Apr 2020 19:49:36 GMT
server
cloudflare
etag
"31bfa7b983d8de29cca2be69bf264c70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6eEZfA==, md5=Mb+nuYPY3inMor5pvyZMcA==
x-goog-generation
1586807376757643
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-goog-stored-content-length
534
accept-ranges
bytes
cf-ray
6757bb6bad7d431b-FRA
expires
Tue, 27 Jul 2021 14:39:22 GMT
mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/
322 KB
0
Image
General
Full URL
http://mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58789936f057975399b169076f37d04d334ec7016da5726854850acd1147fcfc

Request headers

Referer

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1626984400
access-control-allow-origin
*
x-guploader-uploadid
ADPycdtsBuHlnM3TGpFbsiGe9-KK27MTl4QN4px-H5KU-brxs20MqLi6ayKyQ21-OEpOeSTHk6Wz3ShTLbv9zcqUqQHAewsnAw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
h2pri
content-length
330209
last-modified
Thu, 22 Jul 2021 20:06:51 GMT
server
cloudflare
etag
"c6d78b262b253463b766fdba042c310d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lLw8wg==, md5=xteLJislNGO3Zv26BCwxDQ==
content-type
image/jpeg
x-goog-generation
1626984411674950
access-control-expose-headers
*
cache-control
max-age=300
x-goog-stored-content-length
330209
accept-ranges
bytes
cf-ray
6757bb691ad84a55-FRA
expires
Tue, 27 Jul 2021 17:56:25 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.7.0/
338 KB
72 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
39GJ8QXxSjBaTmaIgt+tLg==
age
3855
vary
Accept-Encoding
content-length
73268
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:45 GMT
server
cloudflare
etag
0x8D86C1D8DA49AF8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5b2c2628-401e-0133-37b1-64c79e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb6bb9324de8-FRA
styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame FC2D
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 16:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 16:44:53 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame FC2D
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 10:05:19 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=PFIYwQ9999YChyOC
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=PFIYwQ9999YChyOC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KX9QRQ4E5QPB9G4G5PN7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=PFIYwQ9999YChyOC
Date
Tue, 27 Jul 2021 17:54:17 GMT
Connection
keep-alive
Content-Length
0
BK-Server
1a52
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=164910903860000449005&ex=neustar.biz
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=164910903860000449005&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BZW6C1AQ38AX5244WEVD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:17 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://s.amazon-adsystem.com/ecm3?id=164910903860000449005&ex=neustar.biz
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3849594441
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3849594441
  • https://sync.1rx.io/usersync/tradedesk/ab92c5b4-106d-465b-893e-fd7d3d423ee9
  • https://sync.targeting.unrulymedia.com/csync/RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003%26ex%3Dr...
  • https://s.amazon-adsystem.com/ecm3?id=RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003&ex=rhythmone.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003&ex=rhythmone.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
45CY126PGNAJYS7XYQXN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=RX-b2d65cdf-89f3-4fb9-9f56-48617cd072f0-003&ex=rhythmone.com
date
Tue, 27 Jul 2021 17:54:18 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb2d65cdf89f34fb99f5648617cd072f0003
content-type
text/html
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bfa1c527fdf5a74775ea2dfa6e6b8061
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bfa1c527fdf5a74775ea2dfa6e6b8061
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K21ETNS114E6RFZ9S68V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bfa1c527fdf5a74775ea2dfa6e6b8061
date
Tue, 27 Jul 2021 17:54:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=2trkwy9999YChyOC
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=2trkwy9999YChyOC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2CGCK8N8R7MWEQ0B82SV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=2trkwy9999YChyOC
Date
Tue, 27 Jul 2021 17:54:17 GMT
Connection
keep-alive
Content-Length
0
BK-Server
b1af
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
  • https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328
  • https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPa9b258a8-ef03-11eb-b64b-0288ce60e328&verify=true
  • https://s.amazon-adsystem.com/ecm3?id=83be8f6b45edf5d176cc719a0f2b1281f3b57ef0&ex=aoldisplay.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=83be8f6b45edf5d176cc719a0f2b1281f3b57ef0&ex=aoldisplay.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BKQ4ZYYFSQR7SBNT8R4T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://s.amazon-adsystem.com/ecm3?id=83be8f6b45edf5d176cc719a0f2b1281f3b57ef0&ex=aoldisplay.com
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=72235ab3-cb67-4670-b1a2-286d6dad94b8
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=72235ab3-cb67-4670-b1a2-286d6dad94b8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
154WSH54JFT7RK088X06
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Date
Tue, 27 Jul 2021 17:54:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=72235ab3-cb67-4670-b1a2-286d6dad94b8
sync
amazon.partners.tremorhub.com/ Frame DAEA
43 B
183 B
Image
General
Full URL
https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
  • https://s.amazon-adsystem.com/ecm3?id=y-_MMLJCNE2pFfaPNix4FXVbfwYTAJe.YABR0x~A&status=NOT_FOUND&ex=gemini
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=y-_MMLJCNE2pFfaPNix4FXVbfwYTAJe.YABR0x~A&status=NOT_FOUND&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P0G44SB7SVA4K4CVJQND
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 27 Jul 2021 17:54:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?id=y-_MMLJCNE2pFfaPNix4FXVbfwYTAJe.YABR0x~A&status=NOT_FOUND&ex=gemini
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
/
spl.zeotap.com/ Frame DAEA
731 B
731 B
Image
General
Full URL
https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6757bb6c0903c2c7-FRA
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=f6f23daf5b86a26e9d9038b31948a442&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=f6f23daf5b86a26e9d9038b31948a442&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VHVRT40VFR62YQ347SEA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=f6f23daf5b86a26e9d9038b31948a442&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1627408457680003-349
Expires
Tue, 27 Jul 2021 17:54:17 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N9VRZBAGYZEE1A3J8M6F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PRG50-C1
content-security-policy-report-only
default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=687P32D9ZV96V8FHD8T8:sn=www.imdb.com
x-cache
Miss from cloudfront
vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length
0
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
server
Server
x-amz-rid
687P32D9ZV96V8FHD8T8
strict-transport-security
max-age=47474747; includeSubDomains; preload
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy
interest-cohort=()
x-amz-cf-id
2hUmtW8Fk7XKEVlrh1QHDwhwSwvy7biVy8lguXYANp9V-t8smTzbxQ==
pixel.gif
usersync.samplicio.us/amazon/ Frame DAEA
0
263 B
Image
General
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.179.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
nginx/1.16.1
Location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=de780387192a8a2a
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=de780387192a8a2a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WP2XSJF1P5S7PX98AP91
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=de780387192a8a2a
date
Tue, 27 Jul 2021 17:54:19 GMT
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization
content-length
93
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=O2DAN69HRieNh1RAxQxAZA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=18148237789413544872938087795499804871
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=18148237789413544872938087795499804871
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6H2JGX8FMNN60QTH0P7N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v012-0c7f2393d.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
h8qplJwEQR0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=18148237789413544872938087795499804871
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=0NgxfNMqTTe29-uuVf_wrw
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818631467970404128&gdpr=&gdpr_consent=
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818631467970404128&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1F8SJTDCRAKTVPKY0XMQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:19 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818631467970404128&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
z
px.surveywall-api.survata.com/ Frame DAEA
0
0

ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1210752641584620010
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1210752641584620010
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FCET39NCV272S19K12DJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:21 GMT
server
nginx
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1210752641584620010
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=aad79ef7-ef03-11eb-85b5-14684a3a0206
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aad79ec3-ef03-11eb-85b5-14684a3a0206
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aad79ec3-ef03-11eb-85b5-14684a3a0206
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1F80EF97K194SYG3AP6S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 27 Jul 2021 17:54:19 GMT
Server
nginx
Location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aad79ec3-ef03-11eb-85b5-14684a3a0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
84
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22d44cdbde-93d3-4988-b95f-203d3eef2dce%22,%22Time%22:%2220210727T135419.223930%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d44cdbde-93d3-4988-b95f-203d3eef2dce
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d44cdbde-93d3-4988-b95f-203d3eef2dce
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J8NKXR72T8PN0TA9C6AK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=d44cdbde-93d3-4988-b95f-203d3eef2dce
Server
LogModule 0.4
Content-Length
204
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK56btv4yQRd3CyDbtiO98w&google_cver=1
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK56btv4yQRd3CyDbtiO98w&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FD8PX1NS3DZX5P2XSFPE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEK56btv4yQRd3CyDbtiO98w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame DAEA
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=amzn
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.93.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-93-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1627408460
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date
Tue, 27 Jul 2021 17:54:18 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f36689bd613c0bfe61a527945698834e
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f36689bd613c0bfe61a527945698834e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NFT3480MR69NAWBK07T3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 27 Jul 2021 17:54:17 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f36689bd613c0bfe61a527945698834e
content-length
108
x-amz-cf-id
9x-ioDQakAHyOSyNXQAk0oEd8GaIkC7PD13ZIZp0aBz4VOtDN3D0ZQ==
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d4976ca4-d0d8-c5a9-3f70-2ab61e63e9de
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d4976ca4-d0d8-c5a9-3f70-2ab61e63e9de
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KB31D85JX14432T4N5P2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 27 Jul 2021 17:54:18 GMT
content-encoding
gzip
server
OXGW/16.211.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d4976ca4-d0d8-c5a9-3f70-2ab61e63e9de
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KFJ_eXffbvEuJO_h2pArrzc4dDg4ZgIC
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=KFJ_eXffbvEuJO_h2pArrzc4dDg4ZgIC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
77TN61FHNGRHVS672W0C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.amazon-adsystem.com/ecm3?ex=index&id=KFJ_eXffbvEuJO_h2pArrzc4dDg4ZgIC
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
267
Expires
Tue, 27 Jul 2021 17:54:18 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D3E9EFA9F5B5F3E6
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D3E9EFA9F5B5F3E6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1PW3XWXAZRSQNV7M16MF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:17 GMT
frontend-id
13
location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D3E9EFA9F5B5F3E6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=133935750687525088&ex=appnexus.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=133935750687525088&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HJRJ6JRYK9D7RM6GST6E
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f1a5a7eb-6f45-4a1a-91fc-caf7b0812a72
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?id=133935750687525088&ex=appnexus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=yoIvYBbjUt5CQyEFYu5PRA&ex=rubiconproject.com&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=yoIvYBbjUt5CQyEFYu5PRA&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4KACZ4Y49QCVZXA5G900
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=yoIvYBbjUt5CQyEFYu5PRA&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=gXbyBs2LSuGAG0sVjcJe-g&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V4WRH2TDAJPY8CXTTPJE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-4ec912f0-1e76-405f-96fa-582b70201244&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-4ec912f0-1e76-405f-96fa-582b70201244&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
  • https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4ec912f0-1e76-405f-96fa-582b70201244
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4ec912f0-1e76-405f-96fa-582b70201244
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0E1V7QYD2J0SV9WG0JJ4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-4ec912f0-1e76-405f-96fa-582b70201244
date
Tue, 27 Jul 2021 17:54:19 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadus.exelator.com/load/ Frame DAEA
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=0A2CE4424B480061354A18510238EBA5
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=0A2CE4424B480061354A18510238EBA5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PC9V8C872ANMRA4K9WJK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 27 Jul 2021 17:54:19 GMT
Server
openresty/1.15.8.2
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=0A2CE4424B480061354A18510238EBA5
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html
Content-Length
151
Expires
Tue, 27 Jul 2021 17:54:18 GMT
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-0itPFvN1l2Or_j1Qsxmui_bye3c6sJc-
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-0itPFvN1l2Or_j1Qsxmui_bye3c6sJc-
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YM0FG5N54E55ZZ1KSTZW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 27 Jul 2021 17:54:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-0itPFvN1l2Or_j1Qsxmui_bye3c6sJc-
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8093fb283813a227510f8965a3e89d7a406e287ab4e10d7b108d0a612988de7b
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8093fb283813a227510f8965a3e89d7a406e287ab4e10d7b108d0a612988de7b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZB8FWBGT1ZV8KSTFYCE9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:19 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8093fb283813a227510f8965a3e89d7a406e287ab4e10d7b108d0a612988de7b
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=88948515-A201-4C81-9ED1-2B0A62DB659F
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=88948515-A201-4C81-9ED1-2B0A62DB659F
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WDNXRY6EHZFCHEK3DNHW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=88948515-A201-4C81-9ED1-2B0A62DB659F
date
Tue, 27 Jul 2021 17:54:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame DAEA
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=bcf90b6c-bb5b-4960-adc6-5935764dbf8d-tuct7f9cdcc
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=bcf90b6c-bb5b-4960-adc6-5935764dbf8d-tuct7f9cdcc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=gXbyBs2LSuGAG0sVjcJe-g&ep=jfhUBhndbrgDPVWSaDPkhvsqljdYzyaqrCivlFBDwWF_pYu5CYDdLXout7m8O_cRanmrXx8c4pVzY5vJUxjD6jo2aMRysHPtp68wczwIUe8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NVW7WWAZDCF9S6T636EA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=bcf90b6c-bb5b-4960-adc6-5935764dbf8d-tuct7f9cdcc
tbl-x-upstream
10.41.14.127:10213
date
Tue, 27 Jul 2021 17:54:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15445
resolve
people.api.boomtrain.com/identify/
421 B
736 B
XHR
General
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6eyJlZSI6InQ5alAyTkl1QTRWSzloQzU4MVp1Qmh2Ym1rVFZSSENXQ1Z1VmVCU2RsSDhubFg5THV5R0VvWWJVTkdEYjNSbEEifX0%3D&site_id=mlb
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/mlb/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.31.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
1428d6ed5b68065990a4f229bc807a814c955ba2340c9dce006821919b36bf45

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
421
ads.json
www.mlbstatic.com/mlb.com/video/config/mlb-vpp-aws/ads/advertise/adsense/banner/smart/atlas/appnexus/adserver/
174 B
508 B
XHR
General
Full URL
https://www.mlbstatic.com/mlb.com/video/config/mlb-vpp-aws/ads/advertise/adsense/banner/smart/atlas/appnexus/adserver/ads.json?54526163
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d501f104482ae28191afc0847fbb789a99d480ec9d36cbd652f488c03d7029

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:18 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-goog-reserved-file-mtime
1619794442
x-guploader-uploadid
ADPycdsyAcCpJMG54uGvC7J3anxpoRl3_TBAVRyTBqOzzU5SR25baT4x0Y3Ltqgl-8kVdX2Svpr1Ewn-QnpG3Gsm9z0
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/json
last-modified
Fri, 30 Apr 2021 14:54:11 GMT
server
cloudflare
etag
W/"44fda6a24d496f8de14f13ea5e73d180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=oxgchA==, md5=RP2mok1Jb43hTxPqXnPRgA==
x-goog-generation
1619794451029185
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=300
x-goog-stored-content-length
174
cf-ray
6757bb6bee034a91-FRA
expires
Tue, 27 Jul 2021 17:59:17 GMT
pubads_impl_2021072401.js
securepubads.g.doubleclick.net/gpt/
329 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072401.js?31062007
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
e614b80bf4e26b3c3568c60b2ae65ed06ffc3c69cec05807e2b60b38ef9498c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 24 Jul 2021 19:52:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117151
x-xss-protection
0
expires
Tue, 27 Jul 2021 17:54:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
335 B
804 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlb.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a472a830ceec2f186b4fbbad1a28dffe9fd05f22ea46cfd23a0e09a13311467e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146
x-xss-protection
0
expires
Tue, 27 Jul 2021 17:54:17 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame E1BC
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.mlb.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.mlb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
personalization_id="v1_OUJQvO9yBlBGlwnU4bJcPg=="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
515801
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Jul 2021 17:54:17 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/
322 KB
0
Image
General
Full URL
http://mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58789936f057975399b169076f37d04d334ec7016da5726854850acd1147fcfc

Request headers

Referer

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1626984400
access-control-allow-origin
*
x-guploader-uploadid
ADPycdtsBuHlnM3TGpFbsiGe9-KK27MTl4QN4px-H5KU-brxs20MqLi6ayKyQ21-OEpOeSTHk6Wz3ShTLbv9zcqUqQHAewsnAw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
h2pri
content-length
330209
last-modified
Thu, 22 Jul 2021 20:06:51 GMT
server
cloudflare
etag
"c6d78b262b253463b766fdba042c310d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lLw8wg==, md5=xteLJislNGO3Zv26BCwxDQ==
content-type
image/jpeg
x-goog-generation
1626984411674950
access-control-expose-headers
*
cache-control
max-age=300
x-goog-stored-content-length
330209
accept-ranges
bytes
cf-ray
6757bb691ad84a55-FRA
expires
Tue, 27 Jul 2021 17:56:25 GMT
ibs:dpid=771&dpuuid=CAESEFMB4QRo83gnRPKW8UKPfjA&google_cver=1
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTgxNDgyMzc3ODk0MTM1NDQ4NzI5MzgwODc3OTU0OTk4MDQ4NzE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFMB4QRo83gnRPKW8UKPfjA&google_cver=1?gdpr=0&gdpr_consent=
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFMB4QRo83gnRPKW8UKPfjA&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0f214c960.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oHNsLDvBTJ0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFMB4QRo83gnRPKW8UKPfjA&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/87e3b067-33e7-4a28-84ad-4aaeb74b4d5a/d4605d1f-9773-4170-82d8-d02da7ee14a7/
1 MB
65 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/87e3b067-33e7-4a28-84ad-4aaeb74b4d5a/d4605d1f-9773-4170-82d8-d02da7ee14a7/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b7c90e415ede317e4540acdeb0a390ae037d7964261b0e700972561bac3cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7xAb9viwJU6svDspLOSeBA==
age
2909
vary
Accept-Encoding
content-length
66652
x-ms-lease-status
unlocked
last-modified
Thu, 01 Oct 2020 20:01:19 GMT
server
cloudflare
etag
0x8D86644C3A82A58
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c338286e-a01e-00fa-36b7-2d1101000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb6c2c010605-FRA
truncated
/ Frame FC2D
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FC2D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FC2D
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 00:00:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
64427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 03 Aug 2021 00:00:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FC2D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
73616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:27:21 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FC2D
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&co=aHR0cHM6Ly93d3cubWxiLmNvbTo0NDM.&hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&theme=light&size=normal&cb=yr4rjyr2wybp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 27 Jul 2021 17:54:17 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1737068226554254&ev=Microdata&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408457726&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com%22%2C%22meta%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22meta%3Akeywords%22%3A%22MLB%2C%20Baseball%2C%20Major%20League%20Baseball%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22og%3Atitle%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mlbstatic.com%2Fteam-logos%2Fshare%2Fmlb.jpg%3Fv%3D2%22%2C%22og%3Asite_name%22%3A%22MLB.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Jul 2021 17:54:17 GMT
ibs:dpid=22052&dpuuid=3620453972572635289
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3620453972572635289
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3620453972572635289
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-03d9cf435.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hB3DqSRwQ+s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:20 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3620453972572635289
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
185
Expires
0,Wed, 28 Jul 2021 13:54:20 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.7.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6g5s6eICehvPXWb9nycIcQ==
age
3750
vary
Accept-Encoding
content-length
3328
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:38 GMT
server
cloudflare
etag
0x8D86C1D890DBAF3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
15bb8ddc-601e-0046-0f5e-1f0670000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb6d3f000605-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.7.0/assets/
57 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17630b57706201a67ca2a0b562b0d97591b6305f799877d26105ae8d5c55ad97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XYpxY9G9pW1MxFP56E6j6g==
age
3650
vary
Accept-Encoding
content-length
14113
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:39 GMT
server
cloudflare
etag
0x8D86C1D8A098862
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
77ea22b0-901e-00b6-755e-1fd61e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6757bb6d3f030605-FRA
bframe
www.google.com/recaptcha/api2/ Frame 249D
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&cb=l4i1am4z241o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5422e2ccff9cbe54d68ad8a2b908304c6239541e1562896afbb9e5edbf5ac2d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w1op8+Wi1UvzVbXEclfMiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&cb=l4i1am4z241o
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 27 Jul 2021 17:54:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-w1op8+Wi1UvzVbXEclfMiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=284946448544018&ev=Microdata&dl=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&rl=&if=false&ts=1627408457821&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%20%7C%20MLB.com%22%2C%22meta%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22meta%3Akeywords%22%3A%22MLB%2C%20Baseball%2C%20Major%20League%20Baseball%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20a%20once%20in%20a%20lifetime%20experience%22%2C%22og%3Atitle%22%3A%22GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mlbstatic.com%2Fteam-logos%2Fshare%2Fmlb.jpg%3Fv%3D2%22%2C%22og%3Asite_name%22%3A%22MLB.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627408456675.638128371&it=1627408456639&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 27 Jul 2021 17:54:17 GMT
prebid
ib.adnxs.com/ut/v3/
53 B
885 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:17 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
277ab8ce-64fb-40f5-825a-c06d04490eff
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mlb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf792fd25610008&pos=8a96944a01777792e0659300f67d0005&cmd=bid&secure=1
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
de88e6994a484608e780dd265637019b67882df89c5728d7b4babb458a9fad66

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Jul 2021 17:54:17 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.mlb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf792fd25610008&pos=8a96944a01777792e0659300fa190006&cmd=bid&secure=1
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
bc7c92f7c11039868a3e8f83ec00f1162a012373bbd1baee429243c67e3fe80e

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.mlb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf792fd25610008&pos=8a96944a01777792e0659300fe660007&cmd=bid&secure=1
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
cee19473c82e9c47aa66ea26b9af407792c4d13c524d29eb18a1768b1b5e8ba5

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.mlb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
743 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf792fd25610008&pos=8a96944a01777792e0659300ff930008&cmd=bid&secure=1
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
590a472817789a9f3788e099e8ffecbd3da4dc37145134ca82cf05dfd5ac98e0

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.mlb.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
proxima-nova-semibold.woff2
www.mlbstatic.com/mlb.com/fonts/
85 KB
86 KB
Font
General
Full URL
https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-semibold.woff2
Requested by
Host: builds.mlbstatic.com
URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/styles/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7802d1f8ca3930a70fc1d688331df9609b9bd226246e9a9a998c1508513e9417

Request headers

Origin
https://www.mlb.com
Referer
https://builds.mlbstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cf-cache-status
HIT
age
8612734
x-guploader-uploadid
ABg5-UxkaBUDG4vkXiWqvwSAylWx-rWbCyfnncqFjMlXpT6NBIToKPW7zYXIf4WbL9VoGuLumjaJtz3f8JSIfy-hvDFQ4dILaA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
font/woff2
content-length
87200
last-modified
Tue, 24 Mar 2020 21:03:33 GMT
server
cloudflare
etag
"167529152bc0c2f7d625eafab3b46176"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VwVFRQ==, md5=FnUpFSvAwvfWJer6s7Rhdg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1585083813277630
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=31536000
x-goog-stored-content-length
87200
accept-ranges
bytes
cf-ray
6757bb6dda714a91-FRA
expires
Fri, 25 Mar 2022 17:18:03 GMT
ibs:dpid=575&dpuuid=-2991424729288521752
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=18148237789413544872938087795499804871
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2991424729288521752
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2991424729288521752
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0461d9108.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
NIy37t3UQUY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:16 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-4.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2991424729288521752
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
settings
syndication.twitter.com/ Frame E1BC
232 B
431 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=006a8bbe9e709e90a554e5785efc16e9db5d02f3
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.mlb.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 17:54:18 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c674f4abe57b639363ef8924cac91e3c18e208902a3bb43993b110daa286208b
content-length
166
styles__ltr.css
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 249D
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&cb=l4i1am4z241o
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 16:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 16:44:53 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/ Frame 249D
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Iwg4ANhK7Iu8SHToSsE0E20K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Iwg4ANhK7Iu8SHToSsE0E20K&k=6LfIDmEUAAAAAOvPm-WFoPRcuiL75vw9E2ziAOJc&cb=l4i1am4z241o
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136001
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 04:06:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 10:05:19 GMT
ibs:dpid=73426&dpuuid=18148237789413544872938087795499804871
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=18148237789413544872938087795499804871&rn=1627408456640&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D181482377894135...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18148237789413544872938087795499804871
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18148237789413544872938087795499804871
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0e429de18.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Z5HtehNdQyQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=18148237789413544872938087795499804871
content-length
105
x-amz-cf-id
BVQmlyGN_LcHm4pd7G7CwenGi1yGJfRfxFxUFsIH_N0mSKz-aqNJrg==
pack
rb.adnxs.com/
0
270 B
XHR
General
Full URL
https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.196 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf8

Response headers

access-control-allow-origin
https://www.mlb.com
date
Tue, 27 Jul 2021 17:54:19 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
track
events.api.boomtrain.com/event/
2 B
248 B
XHR
General
Full URL
https://events.api.boomtrain.com/event/track
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/mlb/p13n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.220.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Jul 2021 17:54:21 GMT
server
nginx
allow
GET, HEAD, OPTIONS, POST
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, x-app-id
content-length
2
ibs:dpid=121998&dpuuid=4cd693a1c1cbc661bfdd647eaa535168
dpm.demdex.net/ Frame 5753
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=18148237789413544872938087795499804871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=18148237789413544872938087795499804871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4cd693a1c1cbc661bfdd647eaa535168
42 B
958 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4cd693a1c1cbc661bfdd647eaa535168
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-0f1d2efda.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hw1ZBSizTfk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=4cd693a1c1cbc661bfdd647eaa535168
cache-control
no-cache
x-server
10.45.8.119
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFCSVNBQUFBS3N3NWhIbA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFCSVNBQUFBS3N3NWhIbA==
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408458.395994,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVFCSVNBQUFBS3N3NWhIbA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQBISAAAAKsw5hHl&expires=90
42 B
754 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQBISAAAAKsw5hHl&expires=90
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408458.395958,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YQBISAAAAKsw5hHl&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQBISAAAAKsw5hHl
43 B
883 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQBISAAAAKsw5hHl
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 27 Jul 2021 17:54:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408458.426776,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YQBISAAAAKsw5hHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YQBISAAAAKsw5hHl
43 B
1012 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YQBISAAAAKsw5hHl
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Jul 2021 17:54:18 GMT
X-Proxy-Origin
185.236.201.227; 185.236.201.227; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
548644f1-5227-4380-b4ab-bddce49ccfaa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408459.527790,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YQBISAAAAKsw5hHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pack
rb.adnxs.com/
0
269 B
XHR
General
Full URL
https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/mlb_prebidv1/pb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.167.196 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf8

Response headers

access-control-allow-origin
https://www.mlb.com
date
Tue, 27 Jul 2021 17:54:19 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
POST, OPTIONS, GET
sd
us-u.openx.net/w/1.0/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQBISAAAAKsw5hHl
43 B
172 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQBISAAAAKsw5hHl
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408459.628323,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YQBISAAAAKsw5hHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQBISAAAAKsw5hHl
1 B
547 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQBISAAAAKsw5hHl
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:372
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408459.729969,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQBISAAAAKsw5hHl
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1&__user_check__=1&sync_id=aaddd740-ef03-11eb-b037-129210fe0106
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1&__user_check__=1&sync_id=aaddd740-ef03-11eb-b037-129210fe0106
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 17:54:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
34
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 27 Jul 2021 17:54:19 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YQBISAAAAKsw5hHl&img=1&__user_check__=1&sync_id=aaddd740-ef03-11eb-b037-129210fe0106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 5753
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQBISAAAAKsw5hHl&t=2592000&o=0
43 B
67 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQBISAAAAKsw5hHl&t=2592000&o=0
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 10:54:19 PDT
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
9y+yXALVxg9lVOy3Is3Rx4oqUY7h94WNHoVbnb5Hxq/urLEyfzIhnhpJOpM42xitEpa+KDa8cF2ofc7o0IjTZg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Tue, 27 Jul 2021 10:54:19 PDT

Redirect headers

pragma
no-cache
date
Tue, 27 Jul 2021 17:54:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627408459.932503,VS0,VE0
x-served-by
cache-fra19163-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YQBISAAAAKsw5hHl&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
adb
ids.ad.gt/api/v1/put/ Frame 5753
0
75 B
Image
General
Full URL
https://ids.ad.gt/api/v1/put/adb?adb=$18148237789413544872938087795499804871
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.149.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlb.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:19 GMT
server
nginx/1.18.0
content-length
0
content-type
text/html; charset=utf-8
/
znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com/WRSiteInterceptEngine/
7 KB
3 KB
Script
General
Full URL
https://znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_SIID=SI_78Pyax7rwjK0O7H&Q_LOC=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&t=1627408461495
Requested by
Host: www.mlb.com
URL: https://www.mlb.com/forms/mlb-at-field-of-dreams-experience-sweepstakes?partnerId=zh-20210727-443722-mlb-1-A&qid=1026&utm_id=zh-20210727-443722-mlb-1-A&bt_ee=t9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA&bt_ts=1627389352352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c642f5dcd384c686093e4288f7ccd79379c42a9c769d09c9dbd975c72d85365a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
496817
cf-polished
origSize=8126
edge-control
max-age=604800
x-envoy-upstream-service-time
5
vary
Accept-Encoding
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"1fbe-gqf2fEpGDzDuNqL1ka1jvNL/Q30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
6757bb86281223df-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optout_check
beacon.krxd.net/
76 B
235 B
Script
General
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.mlb.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.93.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-93-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6be4d3fc0cff2b4071c88e709411965095bef4e80fee7000031ab92188f90f5c

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:21 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=24 t=1627408461
x-served-by
beacon-n007-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/
349 B
495 B
Script
General
Full URL
https://cdn.krxd.net/userdata/get?pub=8a5beb1e-7c54-4a9b-802f-9b064436798e&technographics=1&callback=Krux.ns.mlb.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91a5614313daa93c80068caa08362704619197368da8d51ae42beffabc11073d

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Tue, 27 Jul 2021 17:54:21 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a016-ash-prod.krxd.net, cache-fra19138-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1627408462.529307,VS0,VE97
content-length
267
x-cache-hits
0, 0
i
tr.snapchat.com/cm/ Frame 687D
0
262 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=0a93d42e-7f1c-48b3-9a24-1f54aa8952d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=0a93d42e-7f1c-48b3-9a24-1f54aa8952d8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

server
nginx/1.17.3
date
Tue, 27 Jul 2021 17:54:21 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js-sha256-v1.min.js
sc-static.net/
22 KB
8 KB
Script
General
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 22:45:45 GMT
content-encoding
gzip
age
68918
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
EnkXJT_plq4ptVNeh2B4KEYMTtaXtrxRXPcnocNJUiVCzXzMpjfdiA==
pixel.gif
beacon.krxd.net/
0
337 B
Image
General
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=rja6bo8zd&_kpid=8a5beb1e-7c54-4a9b-802f-9b064436798e&_kcp_s=MLB&_kcp_d=www.mlb.com&_knifr=11&_kua_kx_tz=-120&geo_country=ch&geo_region=zh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kua_kx_tech_browser=Chrome%208&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=ch&_kua_kx_geo_region=zh&_kpa_url_path_1=forms&_kpa_url_path_2=mlb-at-field-of-dreams-experience-sweepstakes&_kpa_meta_keywords=MLB%2C%20Baseball%2C%20Major%20League%20Baseball&_kpa_host=www&_kpa_domain=mlb.com&_kpa_channel=Forms&_kpa_page_name=Major%20League%20Baseball%3A%20Forms%3A%20GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes&_kpa_prop5=Desktop&_kpa_prop39=Not%20Logged%20In&t_navigation_type=0&t_dns=1&t_tcp=13&t_http_request=-1&t_http_response=9&t_content_ready=1648&t_window_load=6078&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wiw0539nm&_kurl_=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes&userdata_user=OQ_9199Q%2Cwiw0539nm&sview=1&kplt0=29247&kplt1=29509&kplt2=29571&kplt3=29823&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F8a5beb1e-7c54-4a9b-802f-9b064436798e%2C273%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C278%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.93.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-93-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=76 t=1627408461
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
10.15708b1c3532abbcd42a.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
49 KB
15 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.15708b1c3532abbcd42a.chunk.js?Q_CLIENTVERSION=1.56.0&Q_CLIENTTYPE=web
Requested by
Host: znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com
URL: https://znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_SIID=SI_78Pyax7rwjK0O7H&Q_LOC=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&t=1627408461495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
89773dcc919194843e14879bc301c33cc95196ebaa6206f67ab198b16829f8c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
496899
cf-polished
origSize=51127
edge-control
max-age=604800
x-envoy-upstream-service-time
6
vary
Accept-Encoding
last-modified
Wed, 14 Jul 2021 20:04:04 GMT
server
cloudflare
x-powered-by
Express
etag
W/"c7b7-17aa69e8320"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
6757bb86786723df-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
p
tr.snapchat.com/ Frame D545
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
540
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.mlb.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.mlb.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

server
nginx/1.17.3
date
Tue, 27 Jul 2021 17:54:22 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIYMyB5xjjFxxvqwuuumXnKI2Bsu1LJm5kIPU6Z0IoelMY/7LtAm0yAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js-sha256-v1.min.js
sc-static.net/
22 KB
8 KB
Script
General
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin
https://www.mlb.com
Referer
https://www.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 22:45:45 GMT
content-encoding
gzip
age
68918
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
F_lISCwSQZDw3MomxD71vynNp18ukN8LjfbvhyXT1CY0IZuyc_Lv0w==
p
tr.snapchat.com/ Frame 3849
0
14 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
540
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.mlb.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIYMyB5xjjFxxvqwuuumXnKI2Bsu1LJm5kIPU6Z0IoelMY/7LtAm0yAAAA
Upgrade-Insecure-Requests
1
Origin
https://www.mlb.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

server
nginx/1.17.3
date
Tue, 27 Jul 2021 17:54:22 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 496B
0
14 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
540
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.mlb.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mlb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIYMyB5xjjFxxvqwuuumXnKI2Bsu1LJm5kIPU6Z0IoelMY/7LtAm0yAAAA
Upgrade-Insecure-Requests
1
Origin
https://www.mlb.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mlb.com/

Response headers

server
nginx/1.17.3
date
Tue, 27 Jul 2021 17:54:22 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/
322 KB
0
Image
General
Full URL
http://mktg.mlbstatic.com/mlb/images/sponsorship/background-skins/mlb-sponsorship-2021-mlb-at-field-of-dreams-experience-sweepstakes-bg-1680x900.jpg
Requested by
Host: cdn.bam-forms.com
URL: https://cdn.bam-forms.com/2.0.0/mlb/mlb/0001626966285613-cab69ce4ffff9d12-0001/live/form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58789936f057975399b169076f37d04d334ec7016da5726854850acd1147fcfc

Request headers

Referer

Response headers

date
Tue, 27 Jul 2021 17:54:17 GMT
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1626984400
access-control-allow-origin
*
x-guploader-uploadid
ADPycdtsBuHlnM3TGpFbsiGe9-KK27MTl4QN4px-H5KU-brxs20MqLi6ayKyQ21-OEpOeSTHk6Wz3ShTLbv9zcqUqQHAewsnAw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
h2pri
content-length
330209
last-modified
Thu, 22 Jul 2021 20:06:51 GMT
server
cloudflare
etag
"c6d78b262b253463b766fdba042c310d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=lLw8wg==, md5=xteLJislNGO3Zv26BCwxDQ==
content-type
image/jpeg
x-goog-generation
1626984411674950
access-control-expose-headers
*
cache-control
max-age=300
x-goog-stored-content-length
330209
accept-ranges
bytes
cf-ray
6757bb691ad84a55-FRA
expires
Tue, 27 Jul 2021 17:56:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| deviceBootstrap function| getStartupDeviceTypeString function| setImmediate function| clearImmediate object| mlbOkta function| targetPageParams function| Visitor object| s_c_il number| s_c_in object| visitor object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| pageTags object| contentIdSKUMap undefined| gatedContentStyles undefined| styleSheet undefined| accessToken undefined| idToken undefined| oktaID undefined| subsUrls object| contentIdGeoMap function| checkForLocaleMatches undefined| gatedContentGeoStyles undefined| geoStyleSheet object| server_path object| i18n_dictionary object| team_info function| Krux object| google_tag_manager function| postscribe object| google_tag_manager_external boolean| isPhone object| google_tag_data function| twq boolean| include string| GoogleAnalyticsObject function| ga object| uetq object| _pix string| protocol number| a function| snaptr object| r object| _qevents function| fbq function| _fbq object| products object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| UET function| UET_init function| UET_push string| pubcidCookie function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr boolean| triedToSendCookieToNative object| WebJSBridge undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_92096283 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_92096283 object| moatPrebidApi object| BamFormsFanUi function| requirejs function| require function| define object| ES6Promise function| $ function| jQuery object| lazySizesConfig object| lazySizes function| setAppMeasurementConfig function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq object| adobeAnalytics function| trackPageView string| f0 string| pageName function| cookieWrite function| cookieRead function| p_fo boolean| ppvChange string| ppvID string| g object| __fo object| s_i_mlbglobal08_mlbcom08 function| trackAsync function| __BamFormsUiCaptcha_1_fieldkrf1qhwu function| OptanonWrapper string| site_id function| bt object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| jsonFeed object| recaptcha object| closure_lm_887256 function| _ function| P object| Modernizr object| regeneratorRuntime object| visibly string| b object| gptadslots object| pbjs object| appNexus function| setSponsoredOverlay function| setTakeover function| makeTFL object| mlbDoubleclick object| mlbMoment object| mlbLinker object| tokens object| __otccpaooLocation object| otStubData object| _bt object| ggeac object| google_js_reporting_queue object| __twttrll object| __twttr function| moatYieldReady object| Optanon object| OneTrust number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD object| SHOW_ADS_ON_PAGE_LOAD boolean| IS_PREBID_LEGACY function| pbjsChunk function| AppNexusPrebidAnalytics object| _pbjsGlobals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| pvt object| searchSvgTitles object| moreOptionsTitle object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.56.0 object| scpixel

43 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1627408456947|60-1-1627408457168|477-1-1627408457275|601-1-1627408457509|771-1-1627408457619|22052-1-1627408457757|575-1-1627408457914|73426-1-1627408458015|121998-1-1627408458115|144230-1-1627408458216|144231-1-1627408458317|144232-1-1627408458418|144233-1-1627408458519|144234-1-1627408458619|144235-1-1627408458720|144236-1-1627408458822|144237-1-1627408458922|348447-1-1627408459023
.amazon-adsystem.com/ Name: ad-id
Value: A6Wm47Rvp0uWs9I4GoJ3Ybc
www.mlb.com/ Name: kxmlb_geo
Value: region%3Dzh%26longitude%3D8.52%26latitude%3D47.37%26country%3Dch%26zip%3D8000
.mlb.com/ Name: s_tp
Value: 1868
www.mlb.com/ Name: kxmlb_user
Value: wiw0539nm
.mlb.com/ Name: _bti
Value: %7B%22app_id%22%3A%22mlb%22%2C%22attributes%22%3A%5B%7B%22name%22%3A%22created_at%22%2C%22value%22%3A%222021-07-27T17%3A54%3A18%2B00%3A00%22%7D%2C%7B%22name%22%3A%22last_updated%22%2C%22value%22%3A%222021-07-27T17%3A54%3A18%2B00%3A00%22%7D%5D%2C%22bsin%22%3A%22XMU6dPyiY81sgne%2BEE5R%2FGuO%2BFUUk6kZDfv9JwopTfQVZKPCJVjweFdTnsm6Gr5j%2B1me4RzWsjA2ue0M3XQegg%3D%3D%22%2C%22created_at%22%3A%222021-07-27T17%3A54%3A18%2B00%3A00%22%2C%22email%22%3A%22glenn.roberts%40chemours.com%22%2C%22last_updated%22%3A%222021-07-27T17%3A54%3A18%2B00%3A00%22%2C%22sub_site_ids%22%3A%5B%22mlb%22%2C%22mlb-auctions%22%2C%22mlb-pirates%22%5D%7D
.mlb.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Jul+27+2021+19%3A54%3A17+GMT%2B0200+(Central+European+Summer+Time)&version=6.7.0&hosts=&consentId=37f75670-4903-4a90-9a1f-fb991ff832bd&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlb.com%2Fforms%2Fmlb-at-field-of-dreams-experience-sweepstakes%3FpartnerId%3Dzh-20210727-443722-mlb-1-A%26qid%3D1026%26utm_id%3Dzh-20210727-443722-mlb-1-A%26bt_ee%3Dt9jP2NIuA4VK9hC581ZuBhvbmkTVRHCWCVuVeBSdlH8nlX9LuyGEoYbUNGDb3RlA%26bt_ts%3D1627389352352&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.mlb.com/ Name: _bts
Value: 16e73a7e-c82c-4361-db05-71b899ca4fb1
www.mlb.com/ Name: usprivacy
Value: 1---
www.mlb.com/ Name: kxmlb_whistle
Value: 0
.demdex.net/ Name: demdex
Value: 18148237789413544872938087795499804871
.mlb.com/ Name: _scid
Value: b9684a0d-32fc-4ffa-82bc-e7ab648503da
.mlb.com/ Name: _uetvid
Value: a96f6440ef0311eb842799c4a5f56d07
.mlb.com/ Name: s_cc
Value: true
.mlb.com/ Name: s_ppn
Value: Major%20League%20Baseball%3A%20Forms%3A%20GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes
.mlb.com/ Name: _uetsid
Value: a96f3b00ef0311eb8e8519362787cc10
.twitter.com/ Name: personalization_id
Value: "v1_OUJQvO9yBlBGlwnU4bJcPg=="
.mlb.com/ Name: s_ppv
Value: Major%2520League%2520Baseball%253A%2520Forms%253A%2520GEICO%2520MLB%2520at%2520Field%2520of%2520Dreams%2520Experience%2520Sweepstakes%2C64%2C64%2C1200%2C1%2C1
.mlb.com/ Name: mbox
Value: session#022a1256011a4e588b76200a2ac71708#1627410317|PC#022a1256011a4e588b76200a2ac71708.37_0#1690653258
.mlb.com/ Name: s_ips
Value: 1200
.mlb.com/ Name: _fbp
Value: fb.1.1627408456675.638128371
.mlb.com/ Name: s_lv
Value: 1627408457047
.mlb.com/ Name: s_ecid
Value: MCMID%7C18250880675735486232935678700526563199
.mlb.com/ Name: s_getNewRepeat
Value: 1627408457047-New
.mlb.com/ Name: btIdentify
Value: 3501c0db-f6c4-494c-c8d7-10b3f0ff4fe8
.mlb.com/ Name: s_campaign_stack
Value: %5B%5B%27zh-20210727-443722-mlb-1-A%27%2C%271627408457046%27%5D%5D
.mlb.com/ Name: at_check
Value: true
.mlb.com/ Name: _dc_gtm_UA-136513251-1
Value: 1
.mlb.com/ Name: AMCV_A65F776A5245B01B0A490D44%40AdobeOrg
Value: 1687686476%7CMCIDTS%7C18836%7CMCMID%7C18250880675735486232935678700526563199%7CMCAAMLH-1628013256%7C6%7CMCAAMB-1628013256%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1627415656s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18843%7CvVersion%7C3.0.0
www.mlb.com/ Name: kxmlb_visits
Value: 1
.mlb.com/ Name: mboxEdgeCluster
Value: 37
.mlb.com/ Name: __qca
Value: P0-519600153-1627408456689
.mlb.com/ Name: gpv_v48
Value: Major%20League%20Baseball%3A%20Forms%3A%20GEICO%20MLB%20at%20Field%20of%20Dreams%20Experience%20Sweepstakes
.mlb.com/ Name: s_lv_s
Value: First%20Visit
www.mlb.com/ Name: kxmlb_kuid
Value: OQ_9199Q
.mlb.com/ Name: AMCVS_A65F776A5245B01B0A490D44%40AdobeOrg
Value: 1
.mlb.com/ Name: _gcl_au
Value: 1.1.1983334074.1627408457
.mlb.com/ Name: _gid
Value: GA1.2.1422078819.1627408457
.mlb.com/ Name: _ga
Value: GA1.2.1520865501.1627408457
.getpublica.com/ Name: p_uid
Value: 7761a23f-a1b2-48cd-8e6e-746a71e19d38
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.mlb.com/ Name: kxmlb_tech
Value: browser%3DChrome%25208%26manufacturer%3DMicrosoft%2520Corporation%26device%3DComputer%26os%3DWindows%252010
www.mlb.com/ Name: __cflb
Value: 02DiuGHoWUaFv3yrwjZG6cqsB4C1ZzbWAoVpFXB7r3EaQ

10 Console Messages

Source Level URL
Text
console-api log URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 13)
Message:
[okta-auth-sdk] WARN: This browser doesn't support localStorage. Switching to sessionStorage.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api warning URL: https://www.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js(Line 155)
Message:
Client has no id_token, please check type or login.
console-api log URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js(Line 192)
Message:
site-core: desktop
console-api log URL: https://builds.mlbstatic.com/mlb.com/builds/site-core/1626640049318/dist/scripts/site-desktop.min.js(Line 88)
Message:
AdBlockDetector ::: cors ::: onReady ::: (adBlockEnabled, false)
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072401.js?31062007(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.refresh([]).

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acdn.adnxs.com
ads.samba.tv
ads.scorecardresearch.com
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.twitter.com
ans.mlb.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
builds.mlbstatic.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.bam-forms.com
cdn.boomtrain.com
cdn.cookielaw.org
cdn.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consumer.krxd.net
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.mail.mlblists.com
events.api.boomtrain.com
fei.pro-market.net
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
mb.moatads.com
mktg.mlbstatic.com
ml314.com
mlb.demdex.net
mlbadvancedmedialp.tt.omtrdc.net
odr.mookie1.com
people.api.boomtrain.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
px.moatads.com
px.surveywall-api.survata.com
rb.adnxs.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc-static.net
secure.quantserve.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.getpublica.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
syndication.twitter.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.getpublica.com
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.imdb.com
www.mlb.com
www.mlbstatic.com
x.bidswitch.net
z.moatads.com
znbsk4yipsnfkyadd-mlb.siteintercept.qualtrics.com
px.surveywall-api.survata.com
104.17.209.240
104.244.42.136
104.244.42.197
104.244.42.3
107.22.179.180
13.248.242.197
13.36.218.177
141.226.228.48
142.250.181.226
142.250.186.98
143.204.98.47
143.204.98.67
143.204.98.9
151.101.12.157
151.101.14.132
151.101.14.133
151.101.14.49
18.156.0.31
18.156.195.47
18.158.209.84
18.196.76.242
185.64.189.110
185.64.190.78
185.94.180.126
2.18.232.130
2.18.234.21
2.18.234.233
2.18.235.40
208.100.17.177
212.82.100.182
213.19.147.44
216.58.212.162
23.20.220.17
23.45.99.241
2600:1901:0:8eee::
2600:1f18:612b:4264:a698:31e8:5977:4024
2600:9000:2127:c000:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b944
2606:4700:10::6816:1857
2606:4700::6810:7daf
2606:4700::6810:9440
2606:4700::6812:13d
2606:4700::6812:816
2606:4700::6812:b1c
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9d
2a02:26f0:6c00:29b::1767
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.223.81.219
3.230.55.171
3.8.243.222
34.192.56.19
34.195.31.102
34.240.223.28
34.247.104.176
34.249.226.229
34.252.133.182
34.253.111.115
34.255.166.243
34.98.64.218
34.98.67.61
35.186.226.184
35.227.248.159
35.244.174.68
37.157.5.142
37.252.167.196
37.252.172.250
52.16.73.168
52.18.150.20
52.35.149.136
52.46.130.91
52.57.10.248
52.59.21.149
54.205.87.49
54.78.254.47
65.9.96.121
65.9.96.18
65.9.96.36
65.9.99.177
66.228.44.10
69.173.144.139
77.243.60.138
96.47.24.171
99.80.93.68
04d8deeb9e7dd172edae9c1a202bf91461d89a973dd243edddb99329cfe99f3c
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b73a6c9523ac0a35a817516e13c4e96a7908dc0df389f01f8dba5d6c47d21e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c176a0dc795909f449ab7843140e10b962220b2179e09ce6bf1cb9232d2a263
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0f1ac330d5dc44156e21d0e76ecd0b9887aebd3e22006a15620025ee91508e77
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11162237c379e6e6e54916ee4eebe4407961b4d37293b71b21868077d1bead0d
112b22efe0bb3f7352a0630068977526d2fbaf36c67a10683a8b2c9e966c1618
1428d6ed5b68065990a4f229bc807a814c955ba2340c9dce006821919b36bf45
17630b57706201a67ca2a0b562b0d97591b6305f799877d26105ae8d5c55ad97
177ea786c7d22b9292f50b776b84a5d951981cc5264fcf51d5781093d34b58e6
1920a269c4dce0f8f38d338c4a47380144922a7d84f92ad4609188cac0f4d8e3
19fb9d0dc218a87c6cf9321f55cc8d9c02b99a5b7c45417e81816ab09d0ddf62
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cb4f8ad1c77d76c76fec82ee2bb6ec3709d9d724e09f447327d62cc590aa067
1ebb4e364be58859d03e5b76c143dfc843e7a8f54ff64a533cde8392c4f86d30
213a6116e66c198a32090e09ab965f9565a940285908c6749a2a8ed40e46fc42
2277c6d948d116466cb8a6cbca5bb7bf145f1f5b3fc001dd719019b2968a4c54
25541e3ad240d95792adb5423bc8b6a0e7fe6496b633acfaef57b78a9a6851cc
2797770bdbe2a8d3c7a5fa994715ef1d5429e0f64e56d73e443473723f46b3bc
283258613224359d0a24f0234f6113e6a5888d1ca1c49c9f22783aab0c3713f7
2efe70a51d341e65a49a9441d1eb3cb47213907f07607952fa0ecdfc34563e22
36773a1d1f54c9dd9d88b75a0cd6ca9cdb96394eda71459f99c61d3f0bd30485
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
465da43739de56c09d5f8ec3328be11e9318f53959cc05979d3ab3d0a547a3bb
46c5535aaaddf350b2bf540730e31e6cff715e9ff34f35690a9658d51ab1d3c9
470707f75483b5f7d771528c3a25fef49334afb13468d1e108fadc99c4052b25
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dddc7c5f2eb0f29016b2a91edd06bc9a9472d9cfc642ef45b91ddb5a6d31175
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52b400bb4af7cff3dbc0d0c9ca5be3389a6ab84070cd21738dd21166f0be9611
53eb07384a14fcc54efb807581672b793c75cc1bfdc0c6610345051820cd92af
5422e2ccff9cbe54d68ad8a2b908304c6239541e1562896afbb9e5edbf5ac2d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55678f28a752ec5ac86e290b2481b8a5e3d7de7460a3f469412147dc224eb32c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
581c27864594ec355870c8348ca71e04b90b1d54066652ef4c13465fb40b1aed
58789936f057975399b169076f37d04d334ec7016da5726854850acd1147fcfc
590a472817789a9f3788e099e8ffecbd3da4dc37145134ca82cf05dfd5ac98e0
598538b486eef1fc4834f0a88093fc03b26c558e264afc21f5c3c4b2ba209f0c
5ba0bf6ef5c7c5f7d88e23576a710d8b815eb6dca299be64de090197f52c1d17
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
5fe9a677ee3e7fc70a17f214e444f214ab59931e7d045452aa2f8b418e8d1fde
62b7c90e415ede317e4540acdeb0a390ae037d7964261b0e700972561bac3cc1
64043c475d7580abd009a1341505eadc10dbe8e825772cce2a4befde3a6ed5e2
6674aa15377dcc243d09c1cdb2a61f8bbed49ea0561679ab4e4f5cada4435907
6919ef96ba76483f2f0418538556d535e2546873e9822016664088069ca16720
69e019986481b7844b548fe2d1cdc88a58815d0b1b8cbf22bd65fcf17f3458d8
6a6e50ca9bad01e65aaeb0557d9e7b4dc94647aea42fdd2549643aca35a767df
6be4d3fc0cff2b4071c88e709411965095bef4e80fee7000031ab92188f90f5c
6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb
6d54fda040266105163f5ae40902f5c7e6ba17b9923b3c207c1380437006d49f
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74e7135d5a3970391bcb1f4427827dcfd1cdf0767fe1849720b5992de14e712a
775ec1e70b6655e087249f7306c8ea033c2cc5c52bd1da71339df02160190a38
7802d1f8ca3930a70fc1d688331df9609b9bd226246e9a9a998c1508513e9417
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89773dcc919194843e14879bc301c33cc95196ebaa6206f67ab198b16829f8c6
8c5693d5263a34cbdb98d86327d637d2d9639365c8ccb602f4aba39127cdf3c6
8eb13f1aee1ec1c3a28109dab9170d63b7a100be7cf16cd0e2335a0488886306
8fe99678c053859b50adbbe769aade0011ed6b2349962a9963dcc0b6db162aef
90602ddfa5130edf47241fcde4152d7c7421b881af67ed3d66d0b5d700446c39
91334cdcfe6d4d7383242be8d537d18b4287cc2dd5ed03686da1550601893ab6
91a5614313daa93c80068caa08362704619197368da8d51ae42beffabc11073d
9271da480f41d07eaa124a20dd4bc2dfaf879c17721b61bef9c45d8e6cc837d4
9528e470863e4c719859035f1ceb4d9376571426a39f2dd5e4242dd15222e547
9817291427e84ea6c1d7416b3bb13a4cd5874e2f0cb1a4f7408cea201537cf31
9840fd7c20fb4614a1797f1fcf9613586fb54dac49dbe4b894086aa07555280f
9864936e544a8f85c3390426a1f57c772700cbcdd58443c1c3c41aa1f371e476
98a543740b01df1ff6c5e2aa73f182d3c4e21bf8bcca8be7b5c4cfeb21447373
9d5704f066511df22ddf7ae3e75d8134bd1a672f29db2171b14da43a6f6acb4b
9e6476d34cd2e98e792cb73ef06e99b2c243089b3a7e102465db427ec3d26535
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ca38e753c57ed8f0d05e0be3ccdbbcf57f37062bcfb672ba1d6c55b8a2ab71
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a472a830ceec2f186b4fbbad1a28dffe9fd05f22ea46cfd23a0e09a13311467e
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a88e4a6bd86217dd2e1c66f48de97113a7edde01f03d7a9c280b6b05bd0ddaa3
a9041069f46b033c0ecaa1472fd5a12da22f1f5af53fd8a686687540d5586fdd
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
abbe522da85ed66be714773f2945689b595886ca61ff6795b0859bc20b5e61ce
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b50fd02140a8fe66e57eb5c421fc6847a52abfbc7469bc3099a49d1e09ff77fc
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
b8214420e8588f91928f45829e9abd8c5ac30df6293a29597b1aa7cc9bc972e0
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc7c92f7c11039868a3e8f83ec00f1162a012373bbd1baee429243c67e3fe80e
c0d5f92ef4a58f097c74aedebb9fd1ff4270217d45b75ef7aa6eeded115131da
c1f1aa692b825d69521a724ca0848b337bd4fe57120daf3760a4e2eb12e3653d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c642f5dcd384c686093e4288f7ccd79379c42a9c769d09c9dbd975c72d85365a
c9508331d23c9a20493210e9cd23d29978fc5e599efeffe6e180118885ff4d06
ca1ee0dc0e5a0f848703d0081ba60a12d44b0364da5c3b146985b6fe33f2e994
cad71faf85122d34e94d72122b1c455b00252893cba575bc3dfa42948091c0e9
cee19473c82e9c47aa66ea26b9af407792c4d13c524d29eb18a1768b1b5e8ba5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b630c58df61e680d0d972426876e699fe7bd62213e8fbfe0eff11e98885884
d35df4c6ac87e45f7f62b765e4a84f3d53e2c735e077a273b5b57c09d0961069
d550370c35a7b384f0537d1d4fa2094c3b23af4a09c5baaaadccf114b0fa3585
d62e2b78517e495fde3098768fe575b846b4c89ee748caa9cb402e695551b9be
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcb9dc30a30ff8cf520ee500709a6b8a5462ea5763d24ad96755f46c81d0853b
dcdc859049b5ebbc3fe18a7650df197555253fb75c0bc6c266d98eb5aab3555e
de88e6994a484608e780dd265637019b67882df89c5728d7b4babb458a9fad66
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e2c2dd8998ad048f07ab750af295741e70b5317cfba49cd7c340826137a3be2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e69bd5b131c72158357096c1c23deb0aafd96ae29a85a87fe166a0e2ce33ed
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e614b80bf4e26b3c3568c60b2ae65ed06ffc3c69cec05807e2b60b38ef9498c6
e8d501f104482ae28191afc0847fbb789a99d480ec9d36cbd652f488c03d7029
ec61ebbfacad3db9eadb3406dd797c39a29a0d96a4375cb43f9c7c4ef46f78a7
ed4b06b4fbf7117c1910a1480845b4880615606bb4f399cb5df51583889fdc27
edb6f1ba6e05bf7ceac236730c44bbd3bd10dfc3dbe6758e66d297c63358c64a
ee403944cf9c0065eee14f507f8eb887d8e333c8627d7347e137380f46a88938
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187b8c3553c8e1a3925d8e96e0f2ec42475a20a1a2035235bf908a3172f6231
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
f3aa944271577ba2029a9470123e93a8832f05263d69f4a5486215a73f88eda5
f4ac929c740e482a4c62127cbb0b04c9aa48848f6481dcabfd66f7c064abdd47
f8d1384fe847558bc9b4d3ae6f902d694d5ebe3effb2f077f0e58bcb5f96adb4
f94232a3cc2460813a3e6c012dbcd2351cb7bb0acd8e308a4e71d03ad612a209
fa37d96a5c78efb88191c3285d7b5f9d308ac1addce868810f56bffe4b2858ba
fc39d04333adbbbcaee077c62ebe63b975db91869cde6a5bfb7feeed4f200227
fd2e9fa1d895e8cb88fb9ee3562acb6a1b9852158aa4793aa3a742097cc5556e
ffa7754e3ab4ea1c25a90b182d7679d87ded37d05a621e7e05651d6b19e95d7a