URL: https://www.totalrl.com/
Submission: On February 02 via api from US — Scanned from GB

Summary

This website contacted 91 IPs in 12 countries across 68 domains to perform 368 HTTP transactions. The main IP is 5.44.23.147, located in Portsmouth, United Kingdom and belongs to COGECO-PEER1, CA. The main domain is www.totalrl.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 31st 2021. Valid for: 3 months.
This is the only time www.totalrl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 5.44.23.147 13768 (COGECO-PEER1)
3 104.111.214.240 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
28 192.0.77.37 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
3 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:3... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
27 192.0.77.2 2635 (AUTOMATTIC)
3 52.57.8.134 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
3 18.66.122.50 16509 (AMAZON-02)
1 99.86.3.117 16509 (AMAZON-02)
1 2a01:7e01:1::... 63949 (LINODE-AP...)
1 23.32.243.206 16625 (AKAMAI-AS)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.111 16509 (AMAZON-02)
1 65.9.63.17 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
5 65.9.71.173 16509 (AMAZON-02)
4 8 2.18.234.21 16625 (AKAMAI-AS)
15 142.250.186.98 15169 (GOOGLE)
1 65.9.63.82 16509 (AMAZON-02)
2 161.35.91.33 14061 (DIGITALOC...)
7 18.66.248.56 16509 (AMAZON-02)
6 2600:9000:205... 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
5 35.186.236.140 15169 (GOOGLE)
2 99.86.3.103 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 99.86.3.46 16509 (AMAZON-02)
1 143.204.215.76 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 15.197.193.217 16509 (AMAZON-02)
2 34.120.133.55 15169 (GOOGLE)
7 52.30.114.170 16509 (AMAZON-02)
1 23.45.110.243 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
8 35.157.246.167 16509 (AMAZON-02)
2 178.162.133.150 60781 (LEASEWEB-...)
1 4 37.252.173.215 29990 (ASN-APPNEX)
2 99.81.30.72 16509 (AMAZON-02)
2 104.16.68.69 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 34.107.148.139 15169 (GOOGLE)
2 18.196.230.57 16509 (AMAZON-02)
2 216.52.2.30 30282 (AS-INAPCD...)
2 204.237.133.116 3257 (GTT-BACKB...)
2 35.158.41.182 16509 (AMAZON-02)
2 54.209.6.173 14618 (AMAZON-AES)
4 134.209.129.254 14061 (DIGITALOC...)
2 23.37.38.181 16625 (AKAMAI-AS)
2 147.75.61.140 54825 (PACKET)
1 34.209.192.116 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
1 65.9.64.91 16509 (AMAZON-02)
6 2800:3f0:4001... 15169 (GOOGLE)
1 142.250.13.155 15169 (GOOGLE)
2 104.111.232.95 16625 (AKAMAI-AS)
9 35.244.250.22 15169 (GOOGLE)
12 13.35.253.181 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2a04:4e42:200... 54113 (FASTLY)
1 3 52.211.244.253 16509 (AMAZON-02)
1 1 37.157.2.237 198622 (ADFORM)
1 37.157.2.247 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.159.247.85 16509 (AMAZON-02)
7 12 172.217.23.98 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:401... 15169 (GOOGLE)
12 2.18.235.40 16625 (AKAMAI-AS)
1 34.250.101.202 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 1 54.154.165.122 16509 (AMAZON-02)
1 3.11.115.229 16509 (AMAZON-02)
1 1 2620:112:f006... 6336 (TURN-US-ASN)
1 2001:678:cb4:... 56396 (AMOBEE)
4 5 3.122.58.191 16509 (AMAZON-02)
2 2 198.47.127.19 3257 (GTT-BACKB...)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2 51.75.86.98 16276 (OVH)
5 104.111.251.57 16625 (AKAMAI-AS)
1 34.120.51.234 15169 (GOOGLE)
2 141.95.3.9 16276 (OVH)
1 1 54.210.154.62 14618 (AMAZON-AES)
2 2 34.243.37.252 16509 (AMAZON-02)
4 184.87.212.24 16625 (AKAMAI-AS)
2 2 18.195.184.255 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 37.252.172.45 29990 (ASN-APPNEX)
1 178.162.133.149 60781 (LEASEWEB-...)
2 3 198.47.127.18 62713 (AS-PUBMATIC)
2 2 104.36.113.17 62713 (AS-PUBMATIC)
2 2 18.157.231.140 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
368 91
Apex Domain
Subdomains
Transfer
58 wp.com
c0.wp.com — Cisco Umbrella Rank: 7323
stats.wp.com — Cisco Umbrella Rank: 2822
i0.wp.com — Cisco Umbrella Rank: 3215
pixel.wp.com — Cisco Umbrella Rank: 2494
2 MB
34 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
bid.g.doubleclick.net — Cisco Umbrella Rank: 452
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
218 KB
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
357 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
479 KB
16 boltdns.net
cf-images.eu-west-1.prod.boltdns.net — Cisco Umbrella Rank: 19643
manifest.prod.boltdns.net — Cisco Umbrella Rank: 5214
990 KB
15 totalrl.com
www.totalrl.com
201 KB
13 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
mb.moatads.com — Cisco Umbrella Rank: 561
px.moatads.com — Cisco Umbrella Rank: 391
131 KB
11 4strokemedia.com
fluid.4strokemedia.com — Cisco Umbrella Rank: 117826
cdnb.4strokemedia.com — Cisco Umbrella Rank: 132911
feed.4strokemedia.com — Cisco Umbrella Rank: 128017
347 KB
10 tncid.app
js.tncid.app — Cisco Umbrella Rank: 126989
bd.tncid.app — Cisco Umbrella Rank: 142492
35 KB
10 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 4714
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
1 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
imasdk.googleapis.com — Cisco Umbrella Rank: 418
487 KB
9 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 1032
3 KB
9 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1285
htlb.casalemedia.com — Cisco Umbrella Rank: 461
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
6 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
39 KB
9 monu.delivery
monu.delivery — Cisco Umbrella Rank: 23783
ipwatch.monu.delivery — Cisco Umbrella Rank: 31614
imps.monu.delivery — Cisco Umbrella Rank: 26873
203 KB
8 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 11981
cdn-images.mailchimp.com — Cisco Umbrella Rank: 5534
87 KB
8 gumgum.com
js.gumgum.com — Cisco Umbrella Rank: 5256
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com — Cisco Umbrella Rank: 1288
44 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1143
q.stripe.com — Cisco Umbrella Rank: 7622
m.stripe.com — Cisco Umbrella Rank: 1086
76 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1360
contextual.media.net — Cisco Umbrella Rank: 516
cs.media.net — Cisco Umbrella Rank: 1922
3 KB
5 skysports.com
videos.skysports.com — Cisco Umbrella Rank: 124910
1 MB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
gcdn.2mdn.net — Cisco Umbrella Rank: 957
r2---sn-h0jeln7l.c.2mdn.net
2 MB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
15 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
41 KB
5 iubenda.com
cdn.iubenda.com — Cisco Umbrella Rank: 11432
www.iubenda.com — Cisco Umbrella Rank: 13801
hits-i.iubenda.com — Cisco Umbrella Rank: 12837
58 KB
4 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1864
r4---sn-h0jelnes.gvt1.com — Cisco Umbrella Rank: 288893
16 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
skyit.demdex.net — Cisco Umbrella Rank: 201707
6 KB
4 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3054
2 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3723
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4374
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4566
18 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1699
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
2 KB
3 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5034
www.google.co.uk — Cisco Umbrella Rank: 3223
1 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1554
api.rlcdn.com — Cisco Umbrella Rank: 812
38 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
626 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3163
894 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
483 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
951 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
869 B
2 adform.net
track.adform.net — Cisco Umbrella Rank: 3933
s2.adform.net — Cisco Umbrella Rank: 5692
29 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 497
53 KB
2 condatis.sky
api.condatis.sky — Cisco Umbrella Rank: 32956
746 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
553 B
2 bfmio.com
display.bfmio.com — Cisco Umbrella Rank: 17486
1 KB
2 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1349
227 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
1 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1799
317 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
2 KB
2 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1407
319 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 670
449 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1218
16 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580
135 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 9478
104 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
529 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1187
428 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 992
517 B
1 sky.it
smetrics.sky.it — Cisco Umbrella Rank: 174504
514 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1904
345 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
38 KB
1 brightcovecdn.com
playback.brightcovecdn.com — Cisco Umbrella Rank: 148813
7 KB
1 list-manage.com
mc.us20.list-manage.com — Cisco Umbrella Rank: 57538
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
416 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
13 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
592 B
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 5091
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
368 68
Domain Requested by
28 c0.wp.com www.totalrl.com
27 i0.wp.com www.totalrl.com
20 pagead2.googlesyndication.com www.totalrl.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
www.googletagservices.com
15 www.totalrl.com www.totalrl.com
c0.wp.com
12 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
12 cf-images.eu-west-1.prod.boltdns.net cdnb.4strokemedia.com
10 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
www.totalrl.com
9 js.tncid.app cdnb.4strokemedia.com
js.tncid.app
9 fonts.gstatic.com fonts.googleapis.com
www.google.com
8 px.moatads.com c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
8 c2shb.pubgw.yahoo.com monu.delivery
8 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
7 downloads.mailchimp.com chimpstatic.com
downloads.mailchimp.com
7 www.google.com www.totalrl.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
6 pubads.g.doubleclick.net imasdk.googleapis.com
6 csi.gstatic.com imasdk.googleapis.com
6 cdnb.4strokemedia.com fluid.4strokemedia.com
cdnb.4strokemedia.com
www.totalrl.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
www.totalrl.com
5 videos.skysports.com cdnb.4strokemedia.com
5 x.bidswitch.net 4 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 g2.gumgum.com js.gumgum.com
monu.delivery
5 imps.monu.delivery www.totalrl.com
5 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
4 manifest.prod.boltdns.net cdnb.4strokemedia.com
4 z.moatads.com www.totalrl.com
z.moatads.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
4 e.serverbid.com monu.delivery
4 ib.adnxs.com 1 redirects monu.delivery
googleads.g.doubleclick.net
4 imasdk.googleapis.com cdnb.4strokemedia.com
googleads.g.doubleclick.net
imasdk.googleapis.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.googleapis.com www.totalrl.com
cdnb.4strokemedia.com
googleads.g.doubleclick.net
3 image8.pubmatic.com 2 redirects
3 r4---sn-h0jelnes.gvt1.com
3 dpm.demdex.net 1 redirects cdnb.4strokemedia.com
3 q.stripe.com www.totalrl.com
3 js.stripe.com www.totalrl.com
js.stripe.com
3 fluid.4strokemedia.com www.totalrl.com
fluid.4strokemedia.com
3 monu.delivery www.totalrl.com
monu.delivery
2 cs.media.net
2 pm.w55c.net 2 redirects
2 image2.pubmatic.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 contextual.media.net
2 ads.avct.cloud 2 redirects
2 rtb.gumgum.com
2 id5-sync.com monu.delivery
2 onetag-sys.com 1 redirects c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 assets.adobedtm.com cdnb.4strokemedia.com
assets.adobedtm.com
2 r2---sn-h0jeln7l.c.2mdn.net
2 s0.2mdn.net imasdk.googleapis.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
2 c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 api.condatis.sky ajax.googleapis.com
2 feed.4strokemedia.com cdnb.4strokemedia.com
2 prebid.a-mo.net monu.delivery
2 htlb.casalemedia.com monu.delivery
2 display.bfmio.com monu.delivery
2 btlr.sharethrough.com monu.delivery
2 hbopenbid.pubmatic.com monu.delivery
2 ap.lijit.com monu.delivery
2 hb.emxdgt.com monu.delivery
2 prebid.media.net monu.delivery
2 fastlane.rubiconproject.com monu.delivery
2 dmx.districtm.io monu.delivery
2 ads.yieldmo.com monu.delivery
2 apex.go.sonobi.com monu.delivery
2 api.rlcdn.com js-sec.indexww.com
monu.delivery
2 match.adsrvr.org js-sec.indexww.com
monu.delivery
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 m.stripe.network js.stripe.com
m.stripe.network
2 hits-i.iubenda.com cdn.iubenda.com
2 confiant-integrations.global.ssl.fastly.net monu.delivery
confiant-integrations.global.ssl.fastly.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.wp.com www.totalrl.com
2 ajax.googleapis.com www.totalrl.com
cdnb.4strokemedia.com
2 cdn.iubenda.com www.totalrl.com
cdn.iubenda.com
1 medianet-match.dotomi.com
1 sync.go.sonobi.com
1 secure.adnxs.com 1 redirects
1 dis.criteo.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 bd.tncid.app js.tncid.app
1 r.turn.com c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 mb.moatads.com z.moatads.com
1 cm.everesttech.net 1 redirects
1 smetrics.sky.it assets.adobedtm.com
1 skyit.demdex.net assets.adobedtm.com
1 redirector.gvt1.com 1 redirects
1 protected-by.clarium.io c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
1 www.googletagservices.com c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
1 s2.adform.net cdnb.4strokemedia.com
1 track.adform.net 1 redirects
1 playback.brightcovecdn.com cdnb.4strokemedia.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdn-images.mailchimp.com www.totalrl.com
1 m.stripe.com m.stripe.network
1 as-sec.casalemedia.com js-sec.indexww.com
1 www.google.co.uk www.totalrl.com
1 mc.us20.list-manage.com downloads.mailchimp.com
1 stats.g.doubleclick.net www.google-analytics.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com www.totalrl.com
1 get.s-onetag.com monu.delivery
1 js-sec.indexww.com monu.delivery
1 js.gumgum.com monu.delivery
1 geo.privacymanager.io ats.rlcdn.com
1 www.iubenda.com cdn.iubenda.com
1 chimpstatic.com www.totalrl.com
1 ipwatch.monu.delivery monu.delivery
1 ats.rlcdn.com monu.delivery
1 www.googletagmanager.com www.totalrl.com
368 119

This site contains links to these domains. Also see Links.

Domain
www.iubenda.com
twitter.com
www.facebook.com
www.premiersports.com
www.skysports.com
Subject Issuer Validity Valid
totalrl.com
cPanel, Inc. Certification Authority
2021-12-31 -
2022-03-31
3 months crt.sh
www.iubenda.com
DigiCert SHA2 Secure Server CA
2022-01-31 -
2023-01-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA
2020-08-18 -
2022-02-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
adx.4strokemedia.com
Amazon
2021-06-03 -
2022-07-02
a year crt.sh
www.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-01-26 -
2022-05-04
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA
2021-11-19 -
2022-11-19
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.privacymanager.io
Amazon
2021-09-25 -
2022-10-24
a year crt.sh
*.gumgum.com
Amazon
2021-10-15 -
2022-11-12
a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-27 -
2022-05-29
a year crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.s-onetag.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.iubenda.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-14 -
2023-02-14
a year crt.sh
downloads.mailchimp.com
Amazon
2021-07-21 -
2022-08-19
a year crt.sh
cdnb.4strokemedia.com
Amazon
2022-01-13 -
2023-02-11
a year crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA
2021-09-08 -
2022-09-07
a year crt.sh
imps.monu.delivery
GTS CA 1D4
2021-12-18 -
2022-03-18
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
wildcardsan.list-manage.com
DigiCert SHA2 Secure Server CA
2021-09-27 -
2022-09-27
a year crt.sh
www.google.co.uk
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-14 -
2022-04-06
6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.yieldmo.com
Amazon
2021-05-25 -
2022-06-23
a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3
2021-06-02 -
2022-06-01
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2021-04-12 -
2022-05-05
a year crt.sh
*.emxdgt.com
Amazon
2021-07-02 -
2022-07-31
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.bfmio.com
Amazon
2021-04-23 -
2022-05-22
a year crt.sh
e.serverbid.com
R3
2022-01-17 -
2022-04-17
3 months crt.sh
*.a-mo.net
R3
2021-12-20 -
2022-03-20
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-11 -
2022-05-04
4 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.4strokemedia.com
Amazon
2021-04-25 -
2022-05-24
a year crt.sh
cdn-images.mailchimp.com
Amazon
2021-07-21 -
2022-08-19
a year crt.sh
api.condatis.sky
DigiCert SHA2 Secure Server CA
2021-08-24 -
2022-08-24
a year crt.sh
js.tncid.app
GTS CA 1D4
2022-01-02 -
2022-04-02
3 months crt.sh
*.prod.boltdns.net
Amazon
2021-11-18 -
2022-12-17
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-10 -
2022-09-10
a year crt.sh
*.adapter.ooyala.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-13 -
2022-06-14
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-01-25 -
2022-04-05
2 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2
2020-04-03 -
2022-04-26
2 years crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
smetrics.sky.it
DigiCert TLS RSA SHA256 2020 CA1
2021-04-13 -
2022-05-14
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-25 -
2022-06-25
a year crt.sh
www.skysports.com
DigiCert SHA2 Secure Server CA
2021-10-01 -
2022-10-01
a year crt.sh
bd.tncid.app
GTS CA 1D4
2021-12-20 -
2022-03-20
3 months crt.sh
*.id5-sync.com
R3
2021-12-20 -
2022-03-20
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh

This page contains 25 frames:

Primary Page: https://www.totalrl.com/
Frame ID: C7A43BCE0B24D845D356B946CC2023F4
Requests: 235 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 03A14022F75EC3C90023D59D2F4D74BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Frame ID: 4625C4CA8A893A3B7FB583BFB704744B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Frame ID: C3ADB8479E20F292A3C2D818B424C43A
Requests: 3 HTTP requests in this frame

Frame: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Frame ID: EA809C67219BE0D9E9B3F53F40ABB41A
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Frame ID: 0350C53AA7B028863FF1FD61C1E335F3
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 83B21F85D7EAA7979DCC994ADD1B46D9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&adk=708909399&adf=3265821210&lmt=1643812415&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.totalrl.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414931&bpp=4&bdt=949&idt=317&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2633743878419&frm=20&pv=2&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: 5FA5BD4F210252802B442A0DD475E3EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Frame ID: 0DAF324C45E35FABBDBE3457D0BD96D2
Requests: 17 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Frame ID: B45DC9020D1BC6DCF3FDD6113631A689
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Frame ID: EB9934241B135CFB134B197391A761FA
Requests: 3 HTTP requests in this frame

Frame: https://cdnb.4strokemedia.com/adobe2.htm
Frame ID: CB85A8FF3B94B3A6C75DE20EA71687F1
Requests: 7 HTTP requests in this frame

Frame: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED814B23E31D0F0EF34E471FDC7926EE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 24FC936879B7812B7D45E002948017D8
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D37B99D5ADE52A3065217840FCC37913
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D39FC71409C61DDA557B575EAE200387
Requests: 3 HTTP requests in this frame

Frame: https://js.tncid.app/cacheid.html
Frame ID: 7EE3D7793C3E0C2591F2E5A2D2803247
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 488FCBA67E00706E13011EB567B01D96
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DEF155F64B440A9AAA4DCD74A2134C6
Requests: 2 HTTP requests in this frame

Frame: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3A16F1BAC68FB9BEB8E7629E76574EBD
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Frame ID: AC775603B7CB570776FDB53B7E57D9E8
Requests: 5 HTTP requests in this frame

Frame: https://skyit.demdex.net/dest5.html?d_nsid=0
Frame ID: F7EA95387DD9460AC853F2F7F1387996
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 15ADF5F875C5FF124790611B2E13B99E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 36C4DA33E47314BD41513CB0E4CB426B
Requests: 9 HTTP requests in this frame

Frame: https://z.moatads.com/fallback/ad.js
Frame ID: 996CAF5EFCBCC57F6ED0BAC7377199A8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

TotalRL.com | Rugby League Express | Rugby League World

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • iubenda\.com/cookie-solution/confs/js/

Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

368
Requests

93 %
HTTPS

29 %
IPv6

68
Domains

119
Subdomains

91
IPs

12
Countries

9137 kB
Transfer

16618 kB
Size

79
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 254
  • https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/14BE30BC01CE272399E35466CDEFCA881AD184B8.B77CDA9E6A62392B814893B5EB771D35A9C49BD0/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A65921466D7EF8A3A5060A4CEE4F4087EA9EE40.4723F1C0CB853E409DB38527C3B6010D77B75D10/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1643812161/mv/u/mvi/2/pl/48/file/file.mp4
Request Chain 271
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105
Request Chain 273
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1&C=1
Request Chain 291
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqWQYRUodm3ZrwEjRCWFwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGJPp1Cm_wJIoRhg2ZkAfoI&google_cver=1
Request Chain 293
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA2ODkxOTEyMTYzMDQ1MTE3OA%3D%3D
Request Chain 294
  • https://redirector.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/16068419FFAB352782B9C1B5FEFBE34BEB544619.A9FD4346AEB9810FBC6FE2A4E8B406F80741677C/key/ck2/file/file.webm HTTP 302
  • https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3CD7011036201A15EA27821445A9F048ED55875D.3962C977F9E5742DAB0EAB31CD09AA4D43420D7E/key/cms1/cms_redirect/yes/mh/_z/mip/2a01:4a0:2c::10/mm/28/mn/sn-h0jelnes/ms/nvh/mt/1643811671/mv/u/mvi/4/pl/48/file/file.webm
Request Chain 298
  • https://cm.everesttech.net/cm/dd?d_uuid=21736693000665342020065033899279355244 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YfqWQQAAAKIJ1gP0
Request Chain 312
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMqE180UHbKtcUswxmtdVoA&google_cver=1&google_push=AYg5qPKJ0HLb4c5_YG5EGKRMgwXWqr2YKVfjHkWeT3aYWuW4QRMkvtAwX6SfwqirK4nnF02zjER-9a7mwS94R7CuNqj156CowGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE3MzQwOTQ1NTM2MTM2OTA4OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJoqAuPE2sVQO8T0DyDrUQc&google_cver=1
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_khhgP78f0VQnoQXKJGLs&google_cver=1&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_khhgP78f0VQnoQXKJGLs&google_cver=1&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q&google_hm=tbzUJioLQEiF2Ak_Rjt2OQ==
Request Chain 315
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMygtt7Dmz5obUdXrmtqHa4&google_cver=1&google_push=AYg5qPKuc7H-qQu-MXJ-wYXW3THjOnm5Mpqnu_bgq1u16LdcMiYbU9TOtxux4DJjqszD9CFis-pqOi230-bZ9J_8QQUI50FxMdA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMygtt7Dmz5obUdXrmtqHa4&google_cver=1&google_push=AYg5qPKuc7H-qQu-MXJ-wYXW3THjOnm5Mpqnu_bgq1u16LdcMiYbU9TOtxux4DJjqszD9CFis-pqOi230-bZ9J_8QQUI50FxMdA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XQWfrO8qQ9eWopRub3HoYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuc7H-qQu-MXJ-wYXW3THjOnm5Mpqnu_bgq1u16LdcMiYbU9TOtxux4DJjqszD9CFis-pqOi230-bZ9J_8QQUI50FxMdA
Request Chain 316
  • https://match.360yield.com/match/ebda?google_gid=CAESEMLoRs4JWU4ojxu1fzF47Yk&google_cver=1&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMLoRs4JWU4ojxu1fzF47Yk&google_cver=1&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0
Request Chain 317
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa5r1BmL4-n5BSPHGZApdE&google_cver=1&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0&google_gid=CAESEMa5r1BmL4-n5BSPHGZApdE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY4MDYzMjI1OTQ2MTY0MDg4NjY1NA%3D%3D&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0
Request Chain 318
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENj6IbkS_do1p9GIqU6y23U&google_cver=1&google_push=AYg5qPIiG_m09tNwg0f1kgHro6QpEaSiH-Ct2QKeoCL82KEtE53sAjGz_XAJLK1rhGFTGVaMPuvmHXbLw6c524vaSZ7SZmf7ByOF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIiG_m09tNwg0f1kgHro6QpEaSiH-Ct2QKeoCL82KEtE53sAjGz_XAJLK1rhGFTGVaMPuvmHXbLw6c524vaSZ7SZmf7ByOF HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 349
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=1d5510e0-8435-11ec-a6ce-4582b9d74417
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=92abe6c2-9be2-4d96-b08f-571c8fb1e27a&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b5bcd426-2a0b-4048-85d8-093f463b7639&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 351
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP1d0f07a1-8435-11ec-b9b5-0213114c0708 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP1d0f07a1-8435-11ec-b9b5-0213114c0708&verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP1d0f07a1-8435-11ec-b9b5-0213114c0708
Request Chain 352
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YfqWQYRUodm3ZrwEjRCWJAAA%26319
Request Chain 354
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1189342d-e72a-4afa-8d01-0dbbb7410791
Request Chain 356
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3068919121630451178
Request Chain 358
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156972 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUQwNTlGQUMtRUYyQS00M0Q3LTk2QTItOTQ2RTZGNzFFODYw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP3QrMZQzH-SXzHzrPD2fSc&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 359
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=HcNfqIU31NfgHx5

368 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.totalrl.com/
168 KB
25 KB
Document
General
Full URL
https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
16b7151c309a42d06e006110e17a6b6da40d713f98950a3b371a87224b66a56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Date
Wed, 02 Feb 2022 14:33:32 GMT
Server
Apache
Link
<https://www.totalrl.com/wp-json/>; rel="https://api.w.org/", <https://www.totalrl.com/wp-json/wp/v2/pages/2802348>; rel="alternate"; type="application/json", <https://wp.me/P9BJeW-bL1a>; rel=shortlink
Cache-Control
private, must-revalidate
Expires
Wed, 02 Feb 2022 16:33:32 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
25326
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
iubenda_cs.js
cdn.iubenda.com/cs/
591 B
562 B
Script
General
Full URL
https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b91370e789086e60b5b8b97843078053e709be24dd2eaea8d135a5a3eacf058

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 02 Feb 2022 08:51:51 GMT
etag
"61fa4627-133"
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, max-age=10800
content-type
application/javascript
content-length
307
expires
Wed, 02 Feb 2022 17:33:34 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Patua+One
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a0c2ad1c8ca6305bbc61243360d2cab13ec3bffd6ad915b07a83952f14a7a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 14:33:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 14:33:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 14:33:34 GMT
css
fonts.googleapis.com/
19 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13fe424f0269038ee50e77d5d3ba2e31746e9444081365ba8d623506d7c154aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 14:33:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 14:33:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 14:33:34 GMT
style.min.css
c0.wp.com/c/5.8.3/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/
11 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wc-blocks-vendors-style.css
c0.wp.com/p/woocommerce/6.1.1/packages/woocommerce-blocks/build/
5 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 20:39:36 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wc-blocks-style.css
c0.wp.com/p/woocommerce/6.1.1/packages/woocommerce-blocks/build/
193 KB
19 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/packages/woocommerce-blocks/build/wc-blocks-style.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41ac98831a8184099454864cc91dd7ec13a196dc0134aa631b4fdc58307c7fb9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 19:24:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-header-9c790ecf.min.css
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-header-9c790ecf.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:06 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
854
Expires
Wed, 02 Feb 2022 16:33:34 GMT
jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/ui-lightness/
29 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/ui-lightness/jquery-ui.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 12:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7490
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jan 2023 12:01:27 GMT
wpo-minify-header-e58210a9.min.css
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
648 B
693 B
Stylesheet
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-header-e58210a9.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
5ecd74fe5c5171b7ab7f31b3fa784739b88dd4616f517dc794cb480a42a9e104

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:06 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
332
Expires
Wed, 02 Feb 2022 16:33:34 GMT
woocommerce-layout.css
c0.wp.com/p/woocommerce/6.1.1/assets/css/
17 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/css/woocommerce-layout.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 19:24:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
woocommerce.css
c0.wp.com/p/woocommerce/6.1.1/assets/css/
61 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/css/woocommerce.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 19:24:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-header-48f028e6.min.css
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
307 KB
40 KB
Stylesheet
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-header-48f028e6.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
59439170e46863f8536b25d0ea81aca87c68435665f13f7d6a41110a9fa4a560

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:17 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
41039
Expires
Wed, 02 Feb 2022 16:33:34 GMT
social-logos.min.css
c0.wp.com/p/jetpack/10.5.1/_inc/social-logos/
12 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/10.5.1/_inc/social-logos/social-logos.min.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 14:24:10 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
jetpack.css
c0.wp.com/p/jetpack/10.5.1/css/
86 KB
16 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/10.5.1/css/jetpack.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 04 Jan 2022 22:15:08 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
jquery.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-header-5dc5079a.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
45 KB
12 KB
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-header-5dc5079a.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
3bee5b12e78da531b468ad518e1a8af67136d3f13cfc44466876d4551e399a21

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11598
Expires
Wed, 02 Feb 2022 16:33:34 GMT
s-202205.js
stats.wp.com/
9 KB
4 KB
Script
General
Full URL
https://stats.wp.com/s-202205.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-2494"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Mon, 30 Jan 2023 16:29:42 GMT
wpo-minify-header-4eea0e8c.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
850 B
789 B
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-header-4eea0e8c.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
f70a3567a3625b1c6c58da5afae02b72aa417f99508d3a6365f5f69025cf0fc1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:17 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
412
Expires
Wed, 02 Feb 2022 16:33:34 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1347693-3
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f724cb79da22169a8630f7fe6965f5767a7d9dffdf392aaad7a5987536aa8314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36173
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Feb 2022 14:33:34 GMT
888a21-7200-4950-964c-28a7af0912d4.js
monu.delivery/site/8/d/
689 KB
198 KB
Script
General
Full URL
https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
8aa75e7861483c23dfe59fd3653c337a7906b1cb024cc859ee3311d589e20f01

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvPkRzPZN_idSu2-Fpra1W5jHSm6fLt8oUZ5AKkhKIHc1FrL0Fe4lrN_id6ltuBv3mz5XvS0Ry2DigB8e36VC3ZaDON6A
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 01 Feb 2022 23:22:54 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=jn73og==, md5=/Qpr7s+/JArg6Okr87Qeqw==
x-goog-generation
1643757774323448
via
1.1 google
cache-control
max-age=7200
x-goog-stored-content-length
705288
content-type
application/javascript
expires
Wed, 02 Feb 2022 16:33:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4705059117442027
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b4ac435c6aa587f2d9eb67c66b897771a25024f73e3b34b00da30d67e034a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52797
x-xss-protection
0
server
cafe
etag
3416408569323022533
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 14:33:34 GMT
cropped-trl-logo-red-trimmed.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/06/
2 KB
3 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/06/cropped-trl-logo-red-trimmed.png?fit=387%2C99&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
77987f07909696d82ca5e6c6c88789a5380b5bad61eed6c9f3ea010f2e30863f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 8
date
Wed, 02 Feb 2022 14:33:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 17:01:29 GMT
server
nginx
etag
"dcc3f199c800dd86"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/06/cropped-trl-logo-red-trimmed.png>; rel="canonical"
content-length
2416
expires
Fri, 05 Jan 2024 05:01:29 GMT
woocommerce-smallscreen.css
c0.wp.com/p/woocommerce/6.1.1/assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/css/woocommerce-smallscreen.css
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 16 Feb 2021 23:11:32 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5a7c2be9c96f773f8954c3cca18a2b4a4c837a018591588c6cd21d2dd29d104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52526
x-xss-protection
0
server
cafe
etag
555047280600325776
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 14:33:34 GMT
250x300_MONTH.png
www.totalrl.com/wp-content/uploads/2022/01/
10 KB
11 KB
Image
General
Full URL
https://www.totalrl.com/wp-content/uploads/2022/01/250x300_MONTH.png
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
1737ea638bd3cd46c86b9f987a13ee5ea1f3d02a4bc4e054390a244b10fe2283

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Last-Modified
Mon, 31 Jan 2022 13:08:50 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
10536
Expires
Wed, 02 Feb 2022 16:33:34 GMT
player.php
fluid.4strokemedia.com/www/fluid/
4 KB
4 KB
Script
General
Full URL
https://fluid.4strokemedia.com/www/fluid/player.php
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-134.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
781170fbc19a7ee620e36f6dcba2460d86f57b3d6a9087e0de1bf72615bf3a02

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
cache-control
private, max-age=3600
server
Apache
expire
Wed, 02 Feb 2022 15:33:34 GMT
etag
e6404a5432b1988ea2e71ec092e8608a
content-length
4196
content-type
text/javascript;charset=UTF-8
photon.min.js
c0.wp.com/p/jetpack/10.5.1/_inc/build/photon/
685 B
371 B
Script
General
Full URL
https://c0.wp.com/p/jetpack/10.5.1/_inc/build/photon/photon.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
regenerator-runtime.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/
6 KB
2 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wp-polyfill.min.js
c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/
16 KB
6 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-footer-4678062c.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
9 KB
4 KB
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-footer-4678062c.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
5118910d0000d3afddb130203e98ce5a84b29157d6aa791aebcc20282d0d05c7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3289
Expires
Wed, 02 Feb 2022 16:33:34 GMT
core.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
20 KB
6 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
datepicker.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
35 KB
10 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/datepicker.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 17:15:15 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-footer-54410806.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
37 KB
10 KB
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-footer-54410806.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
644001fbfe5648ddf2d075527b307fbe7de569575b4b0168957cced600849898

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10102
Expires
Wed, 02 Feb 2022 16:33:34 GMT
mouse.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/mouse.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
93ffe8a780b4034c7b14ac0d57d752368b53eafc734d906c8cdf3d3642a9eb36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
slider.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
10 KB
3 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/slider.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
97c8f279229e1db1fc340de3c4fbf154ee841b0d7015ed146f4bc9ea100906bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 17:15:15 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
controlgroup.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
4 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/controlgroup.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a90b3a79a5605961b73075ac6be9f9624b3c74095d16fd216d4983453f0a480a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 20 Jan 2021 13:35:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
checkboxradio.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
4 KB
1 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/checkboxradio.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
84f86d633f3e8caebf1946b617e3b7c410528b9b149c9d1d7093bd1b5923c3cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 20 Jan 2021 13:35:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
button.min.js
c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/
5 KB
2 KB
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/ui/button.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
92c9af7db31c2227c92c12fd8c2b7b51cb19c70bf99f90ce067533adf7b3bb75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-footer-6ca508fb.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
2 KB
1 KB
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-footer-6ca508fb.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
64b2e009ad24e97899c8e5f8e886fb4bcfc9d6c3f8515d024c63c7beb0d7ddd1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
785
Expires
Wed, 02 Feb 2022 16:33:34 GMT
jquery.blockUI.min.js
c0.wp.com/p/woocommerce/6.1.1/assets/js/jquery-blockui/
9 KB
3 KB
Script
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 22:30:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
add-to-cart.min.js
c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/
3 KB
1 KB
Script
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/add-to-cart.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 22 Sep 2020 21:16:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
js.cookie.min.js
c0.wp.com/p/woocommerce/6.1.1/assets/js/js-cookie/
2 KB
955 B
Script
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/js/js-cookie/js.cookie.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 19 Jan 2021 23:55:30 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
woocommerce.min.js
c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/
2 KB
732 B
Script
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/woocommerce.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 18 May 2021 17:00:20 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
cart-fragments.min.js
c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/
3 KB
967 B
Script
General
Full URL
https://c0.wp.com/p/woocommerce/6.1.1/assets/js/frontend/cart-fragments.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 22:30:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
wpo-minify-footer-51815050.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
43 KB
12 KB
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-footer-51815050.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
6a673ab92aad948dbdf04e8a7b1c9f3219ad45f625ccc2e6fd7d6d44afbade72

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:08 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12396
Expires
Wed, 02 Feb 2022 16:33:34 GMT
api.js
www.google.com/recaptcha/
884 B
997 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&ver=3.0
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a7446a80db505537475425bc1367ef1457d15fb0ec16b75591c7496b47064ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Wed, 02 Feb 2022 14:33:34 GMT
wpo-minify-footer-4d4506ba.min.js
www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/
1000 B
886 B
Script
General
Full URL
https://www.totalrl.com/wp-content/cache/wpo-minify/1643046242/assets/wpo-minify-footer-4d4506ba.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
65d08c006b0232c4523f008d6c33f0657f71529f2bd3922bf1047d63d1a3ea31

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jan 2022 17:44:07 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
510
Expires
Wed, 02 Feb 2022 16:33:34 GMT
/
js.stripe.com/v3/
275 KB
72 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-50.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
25e428bb95c97c9eec042c92bb23dfb30e4c023f215e308cc51e5966011d1347
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 22:49:08 GMT
server
Cloudfront
etag
W/"a4c2302a747679baec0b11047c48a6f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
MSPMSGVr1PVu7MLSoK7eH6nPO5CgBCGuLgx-lT3my3DNuNkN8lqtEA==
wp-embed.min.js
c0.wp.com/c/5.8.3/wp-includes/js/
1 KB
696 B
Script
General
Full URL
https://c0.wp.com/c/5.8.3/wp-includes/js/wp-embed.min.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:33:34 GMT
e-202205.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202205.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr
date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 23 Jan 2023 00:12:08 GMT
core-en.js
cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.1/
271 KB
56 KB
Script
General
Full URL
https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.1/core-en.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f00f0db75a38bc7dc4d3f22d22dd27342a2be43763699d35423ea4a22f352b89

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
br
last-modified
Wed, 02 Feb 2022 08:51:41 GMT
etag
"61fa461d-df4c"
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin
*
cache-control
public, must-revalidate, proxy-revalidate, max-age=31536000
content-type
application/javascript
content-length
57164
expires
Thu, 02 Feb 2023 14:33:34 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/
5 KB
2 KB
Script
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsBtobctW6e8xIwe9Rl7-fr26HwaUAptNZ7gE5X1Yxh2tjgXdRug3lwwUjav2rLvPTcRgoIG8DPpJOuTQJJcd0
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation
1598340963244234
via
1.1 google
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
content-type
application/javascript
expires
Sat, 28 Jan 2023 14:33:34 GMT
ats.js
ats.rlcdn.com/
109 KB
38 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
43335
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Wed, 02 Feb 2022 02:31:21 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
eaARdq6PEvP23aCZT_NJf5Ix24iBY93j-UyXop5rDiZwtO1ftGVzoQ==
geo.json
ipwatch.monu.delivery/
216 B
550 B
XHR
General
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:34 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 02 Feb 2022 15:33:34 GMT
ed8e63843f7bcbb535957aabf.js
chimpstatic.com/mcjs-connected/js/users/75b69976c993e636f33663164/
2 KB
1 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/75b69976c993e636f33663164/ed8e63843f7bcbb535957aabf.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3a1c4663bf15e9613ec0f649930b0e55a3d6ea8c64386fed656da8dcb52e0f90

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
94
Date
Wed, 02 Feb 2022 14:33:34 GMT
Content-Encoding
gzip
x-amz-request-id
2M8W2X3GFY0SAX7R
X-EdgeConnect-MidMile-RTT
0
Connection
keep-alive
Content-Length
706
x-amz-id-2
uM0ZN1HAe6QM+SAyYaS0biUDTgMoUDC30aiICrx00yl91+nRq8DvPhyPrK+bTHEGxp/SpA2+gjo=
Last-Modified
Fri, 14 Aug 2020 20:10:49 GMT
Server
AmazonS3
ETag
"a4d2453631b90fbf16521048f1a8ab51"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1318
Accept-Ranges
bytes
Expires
Wed, 02 Feb 2022 14:55:32 GMT
background.png
www.totalrl.com/wp-content/themes/bestwp-pro/assets/images/
5 KB
6 KB
Image
General
Full URL
https://www.totalrl.com/wp-content/themes/bestwp-pro/assets/images/background.png
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
d3d758c3632f5ac1ef5b6cddf50941ca9b7997ffe48bef30229ebf8ee835cb50

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Last-Modified
Sun, 03 Nov 2019 16:22:06 GMT
Server
Apache
Vary
User-Agent
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5425
Expires
Wed, 02 Feb 2022 16:33:34 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Patua+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:24:21 GMT
x-content-type-options
nosniff
age
11353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 11:24:21 GMT
fontawesome-webfont.woff2
www.totalrl.com/wp-content/themes/bestwp-pro/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.totalrl.com/wp-content/themes/bestwp-pro/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.totalrl.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:34 GMT
Last-Modified
Sun, 03 Nov 2019 16:22:06 GMT
Server
Apache
Vary
User-Agent
Content-Type
font/woff2
Cache-Control
max-age=7200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
77160
Expires
Wed, 02 Feb 2022 16:33:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
51540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 00:14:34 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:30:30 GMT
x-content-type-options
nosniff
age
586984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:30:30 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i|Roboto+Condensed:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:30:30 GMT
x-content-type-options
nosniff
age
586984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:30:30 GMT
68225606.js
www.iubenda.com/cookie-solution/confs/js/
99 B
478 B
Script
General
Full URL
https://www.iubenda.com/cookie-solution/confs/js/68225606.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.1/core-en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-240.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e5463be7757c5cce8b12d7983f534156d7ede1e990423b575e99e835de375cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
access-control-request-method
*
etag
"61f888bb-63"
content-encoding
gzip
content-length
97
last-modified
Tue, 01 Feb 2022 01:11:23 GMT
server
nginx
date
Wed, 02 Feb 2022 14:33:34 GMT
vary
Accept-Encoding
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
expires
Thu, 03 Feb 2022 14:33:34 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 03A1
3 KB
1 KB
Document
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 14:33:34 GMT
content-type
text/html
vary
Accept-Encoding
x-guploader-uploadid
ADPycdsRqfr_Pw3x9utjv_c2SMtay8Sbcc60Anfc-22um0if6BVCJK_Od6WBr9IjllcWiJ1LzLNkzhwlN1EMDNvuWtA
expires
Sat, 28 Jan 2023 14:33:34 GMT
cache-control
max-age=31104000 public
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation
1598340969597109
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class
STANDARD
x-cache
HIT
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/
351 KB
139 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141778
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 14:04:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1347693-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3521
date
Wed, 02 Feb 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 02 Feb 2022 15:34:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/
287 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4705059117442027
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0851812785e04cdea931d982997d5e290ed10b495d2a73a3d8bc277e3aeefc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105702
x-xss-protection
0
server
cafe
etag
903418742624950192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 14:33:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame 4625
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4705059117442027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 01 Feb 2022 19:07:27 GMT
expires
Tue, 15 Feb 2022 19:07:27 GMT
cache-control
public, max-age=1209600
age
69968
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
geo.privacymanager.io/
28 B
592 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-111.fra53.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 05:02:41 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
age
34254
x-amzn-requestid
f6576e73-fb09-44c8-bf14-c12cfe3cd263
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61fa1071-17bd4c0e73a9948e58ac9a6f;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
M5eBsGI5joEFWQA=
content-length
28
x-amz-cf-id
rtEPzmNK2vzhLtdzRXmTJAD0_toAiHzqZy_B36wj8ErMDgv4sSCTIg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
services.js
js.gumgum.com/
100 KB
38 KB
Script
General
Full URL
https://js.gumgum.com/services.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4199d5560f45f0efcf4dd0a9930cd5c89053df05e1374ff00a377cb6582330d1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:49:19 GMT
content-encoding
gzip
age
13457
x-cache
Hit from cloudfront
last-modified
Tue, 25 Jan 2022 15:58:25 GMT
x-amz-meta-access-control-allow-origin
*
x-amz-meta-timing-allow-origin
*
server
AmazonS3
etag
W/"d9a5cf12a6b5d9b308af301262a743a2"
vary
Accept-Encoding
x-amz-version-id
8eRyeko7YcDmgjM2ZcHtTAH0Ed_kVdai
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
FxB-rJNglkyIsYhmJic6Ja-clsWUN4yHzXLhb_WnENuvlTqyA2Xs_A==
config.js
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/
452 KB
75 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6790a4ef1fb009e201f25147784e51dcf143ed59198c482f980a76435bac724d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:35 GMT
Content-Encoding
gzip
Age
1871
X-Cache
HIT
Connection
keep-alive
Content-Length
76217
x-amz-id-2
8rI2l+s/t6Y79x2exab0pFumKX3pQSVF+y1oG+6oIKRu0/IyaHGWV/m5HVMz+0xjobryzin05JY=
X-Served-By
cache-hhn4043-HHN
Last-Modified
Wed, 02 Feb 2022 13:57:08 GMT
Server
AmazonS3
X-Timer
S1643812415.144149,VS0,VE0
ETag
"b77fa4cf9b05ad8ef3cb2095ede8bd6c"
x-amz-request-id
5SEMNQ3J765TNZWM
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
121
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
240
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0XQAJ9WS9TMM3T673M1G
date
Wed, 02 Feb 2022 14:29:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6LRw9KPjoF3RAWtgIytzWIKZaQR67YbFy5zK8IBcVY_Aj23SrxKpDA==
182762-63174106385307.js
js-sec.indexww.com/ht/p/
37 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Feb 2022 13:31:35 GMT
Server
Apache
ETag
"da3299-930a-5d709095c43b9"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=220
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Wed, 02 Feb 2022 14:37:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
79e35db67a8a26848533c303f8d922ec20c2a38853b48422f81bf7a52c221c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27313
x-xss-protection
0
server
sffe
etag
"1119 / 624 of 1000 / last-modified: 1643803743"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 14:33:35 GMT
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/
17 KB
6 KB
Script
General
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 19:32:23 GMT
server
AmazonS3
age
82180
etag
W/"4c3e8f251a140b2e06634712ba322640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 01 Feb 2022 15:44:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mvNXjpOKu9jEuKmfg_YIWZkz6PUv6Clv8oHBWHxub7VpQZquzUExyw==
write
hits-i.iubenda.com/
0
400 B
XHR
General
Full URL
https://hits-i.iubenda.com/write?db=hits1
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.1/core-en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.91.33 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
Authorization
Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
server
nginx
x-influxdb-build
OSS
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
https://www.totalrl.com
access-control-expose-headers
Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id
1a65b26a-8435-11ec-a63f-0242ac110002
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version
1.8.2
x-request-id
1a65b26a-8435-11ec-a63f-0242ac110002
write
hits-i.iubenda.com/ Frame
0
0
Preflight
General
Full URL
https://hits-i.iubenda.com/write?db=hits1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.91.33 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Feb 2022 14:33:35 GMT
access-control-allow-origin
https://www.totalrl.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
*, authorization
access-control-max-age
1728000
access-control-allow-credentials
true
content-length
0
content-type
text/plain charset=UTF-8
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5.1&blog=141979066&post=2802348&tz=0&srv=www.totalrl.com&host=www.totalrl.com&ref=&fcp=2690&rand=0.13044395990502688
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 14:33:35 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
asyncspc.php
fluid.4strokemedia.com/www/delivery/
5 KB
6 KB
XHR
General
Full URL
https://fluid.4strokemedia.com/www/delivery/asyncspc.php?zones=16368&prefix=revive-0-&loc=https%3A%2F%2Fwww.totalrl.com%2F
Requested by
Host: fluid.4strokemedia.com
URL: https://fluid.4strokemedia.com/www/fluid/player.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-134.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
704a67731f561105ab48ee943933832b408a672cb507e77de9c821e0baaa4194

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
server
Apache
p3p
policyref="http://4strokemedia.com/privacy.html", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
5361
expires
0
m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
js.stripe.com/v3/ Frame C3AD
240 B
960 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-50.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Thu, 27 Jan 2022 19:43:21 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:25 GMT
cache-control
max-age=31536000
etag
"08a1fefa46cfc8cc94fc477ddcdb0555"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
hYo558VbozRx3ff-ZSmo9FCpRdujvxGajr0IhIbtT1P2exG-1DtZbw==
age
12
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/
128 KB
46 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/75b69976c993e636f33663164/ed8e63843f7bcbb535957aabf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:32:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
55
ETag
W/"7ab9fd3318ef228deb0ec630a29c7cbe"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
E45kZdM05Mmx0hAAZ8bIUhMkyizONUM2esc0_DY84zb0SiaZ9IeluQ==
/
www.totalrl.com/
210 B
725 B
XHR
General
Full URL
https://www.totalrl.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.3/wp-includes/js/jquery/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.44.23.147 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
server.leaguepublications.co.uk
Software
Apache /
Resource Hash
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.totalrl.com/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 02 Feb 2022 14:33:35 GMT
X-Content-Type-Options
nosniff
Server
Apache
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-cache, must-revalidate, max-age=0, private, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Vary
User-Agent
Keep-Alive
timeout=5, max=96
Expires
Wed, 11 Jan 1984 05:00:00 GMT
P-03-Channel-4.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/11/
22 KB
22 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/11/P-03-Channel-4.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cd1cc439833c31415662b922ecef8a99376743935f82358e4d922ff65fb1b203
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Feb 2022 13:02:08 GMT
server
nginx
etag
"68576cf84fc0f402"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/11/P-03-Channel-4.jpg>; rel="canonical"
content-length
22728
expires
Sat, 03 Feb 2024 01:02:08 GMT
NRL-9s-PERTH_0015-2.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/02/
40 KB
41 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/02/NRL-9s-PERTH_0015-2.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
988564fda7d3c8275a4073e60777292849d718daaa2eb7f78f046392edea405c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Feb 2022 11:56:59 GMT
server
nginx
etag
"63ff9fc3354cb175"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/02/NRL-9s-PERTH_0015-2.jpg>; rel="canonical"
content-length
41340
expires
Fri, 02 Feb 2024 23:56:59 GMT
Jon-Wilkin.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2014/04/
15 KB
15 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2014/04/Jon-Wilkin.jpg?resize=480%2C330&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
34234d910031585619f02c11fbd88bea41cb621ec3368d2574b2d355a7ccb8b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Feb 2022 09:26:55 GMT
server
nginx
etag
"65b6d332374efeaa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2014/04/Jon-Wilkin.jpg>; rel="canonical"
content-length
15358
expires
Fri, 02 Feb 2024 21:26:55 GMT
Duchess-of-Cambridge.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/02/
13 KB
14 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/02/Duchess-of-Cambridge.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
23e4199d0339edc7466e330c698039cf57f82808c44e524070d3dc7f64450d3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Feb 2022 09:10:29 GMT
server
nginx
etag
"402967075b3bf7ca"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/02/Duchess-of-Cambridge.jpg>; rel="canonical"
content-length
13796
expires
Fri, 02 Feb 2024 21:10:29 GMT
Gavin-Henson-West-Wales-Raiders.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/03/
23 KB
23 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/03/Gavin-Henson-West-Wales-Raiders.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
16f9118e12b1784ddb04e5bed28890974030a04131120c68eb0529f61019a5eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Feb 2022 18:44:52 GMT
server
nginx
etag
"ac813dc9a7ef555f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/03/Gavin-Henson-West-Wales-Raiders.jpg>; rel="canonical"
content-length
23206
expires
Fri, 02 Feb 2024 06:44:52 GMT
Challenge-Cup-Tottenham-Hotspur.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/08/
31 KB
31 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/08/Challenge-Cup-Tottenham-Hotspur.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
529310c96a5376ec30d8138b4ba4331d82bb1c5488b3686c0256efa46c3e6326
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Nov 2021 12:01:55 GMT
server
nginx
etag
"0400f33e0f8a4b76"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/08/Challenge-Cup-Tottenham-Hotspur.jpg>; rel="canonical"
content-length
31690
expires
Fri, 01 Dec 2023 00:01:55 GMT
Leigh-v-Featherstone.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
38 KB
38 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/Leigh-v-Featherstone.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
482ce4e19d28b9c3691c2f60b1d6396c0970fb00edb1fb8fab8081fdfba02955
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jan 2022 18:01:56 GMT
server
nginx
etag
"2605687d4bb2901a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/Leigh-v-Featherstone.jpg>; rel="canonical"
content-length
38748
expires
Wed, 24 Jan 2024 06:01:56 GMT
ChisholmDane-CBRA-A14-PM-1.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/
24 KB
24 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/ChisholmDane-CBRA-A14-PM-1.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e5e81127d4f59b668613ce602b56f5d10203543f7284760e94b7e61df5c5d5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 13:20:09 GMT
server
nginx
etag
"7cc14cd3e391c4b5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/10/ChisholmDane-CBRA-A14-PM-1.jpg>; rel="canonical"
content-length
24140
expires
Mon, 29 Jan 2024 01:20:09 GMT
Des-Drummond.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
21 KB
22 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/Des-Drummond.jpg?resize=468%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2dc284b2ad91b4802c47ee82997c27c098fd5e5d0e7f0b7b5b5ed596c096feb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Jan 2022 20:48:19 GMT
server
nginx
etag
"6988c02f8e2d6d7a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/Des-Drummond.jpg>; rel="canonical"
content-length
21874
expires
Wed, 31 Jan 2024 08:48:19 GMT
generic-grassroots.gif
i0.wp.com/www.totalrl.com/wp-content/uploads/2017/06/
56 KB
56 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2017/06/generic-grassroots.gif?resize=400%2C200&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
bbb1ab9b4d39f294ce7fac524f8fe959eab8eef61411d41bb64fa77d34e95460
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Oct 2021 13:28:16 GMT
server
nginx
etag
"1f9d44f0e1ffb44a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2017/06/generic-grassroots.gif>; rel="canonical"
content-length
56854
expires
Mon, 09 Oct 2023 01:28:16 GMT
McDonnellJames-AWAK-A11-CH.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
37 KB
37 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/McDonnellJames-AWAK-A11-CH.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4533f2605eb87cb13c783758ea0b3f638f8a9706f1691b331c1a8c7d33a6bbf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 17:13:48 GMT
server
nginx
etag
"91fdf1db316b6857"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/McDonnellJames-AWAK-A11-CH.jpg>; rel="canonical"
content-length
38110
expires
Thu, 01 Feb 2024 05:13:48 GMT
FordJohnathon-ABAT-HSF-BR.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
35 KB
35 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/FordJohnathon-ABAT-HSF-BR.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a40b1a4606d56f0041dcd0c2261415d3970dee1fb5c37948e2993e696a0c9409
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 16:56:12 GMT
server
nginx
etag
"68b9831d9eb7a6cc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/FordJohnathon-ABAT-HSF-BR.jpg>; rel="canonical"
content-length
35918
expires
Thu, 01 Feb 2024 04:56:12 GMT
Jake-Connor-e1611584481769.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/07/
17 KB
18 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/07/Jake-Connor-e1611584481769.jpg?zoom=2&resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
60ba711b322f168743b210335a096a38483703ccdb7e6be640fe59988d3cb721
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 15:18:01 GMT
server
nginx
etag
"e6b2fe5455df3594"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/07/Jake-Connor-e1611584481769.jpg>; rel="canonical"
content-length
17766
expires
Thu, 01 Feb 2024 03:18:01 GMT
P-13-HamiltonChris257A-e1578856151267.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2018/04/
16 KB
16 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2018/04/P-13-HamiltonChris257A-e1578856151267.jpg?zoom=2&resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
fe04893d1202c74bdec4137a3d8b54fb7305bb99dead994d317184154b8c4b34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 13:53:00 GMT
server
nginx
etag
"aa02ccc2a64bcb71"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2018/04/P-13-HamiltonChris257A-e1578856151267.jpg>; rel="canonical"
content-length
16238
expires
Thu, 01 Feb 2024 01:53:00 GMT
NRL-9s-PERTH_0015-2.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/02/
53 KB
54 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/02/NRL-9s-PERTH_0015-2.jpg?resize=675%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
056243a8f69e5d7938632cd86d7921c162e669e189308b98007f3c16bee9d4f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Feb 2022 11:55:50 GMT
server
nginx
etag
"891735a22d2c6f49"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/02/NRL-9s-PERTH_0015-2.jpg>; rel="canonical"
content-length
54780
expires
Fri, 02 Feb 2024 23:55:50 GMT
Leigh-v-Featherstone.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
47 KB
47 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/Leigh-v-Featherstone.jpg?w=675&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7fd79d8376974089c18364b6c540328404fbd2429be4ffd105ed6012d7fbead5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jan 2022 18:01:53 GMT
server
nginx
etag
"6fecb9b14acbb142"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/Leigh-v-Featherstone.jpg>; rel="canonical"
content-length
48454
expires
Wed, 24 Jan 2024 06:01:53 GMT
ChisholmDane-CBRA-A14-PM-1.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/
28 KB
28 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/ChisholmDane-CBRA-A14-PM-1.jpg?w=675&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
03b80524f00e75c11bde4a280e78918f1f936d6c1c7698fdfef9042a583a96fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 05 Jan 2022 13:51:21 GMT
server
nginx
etag
"4c37f18eab38a182"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/10/ChisholmDane-CBRA-A14-PM-1.jpg>; rel="canonical"
content-length
28500
expires
Sat, 06 Jan 2024 01:51:21 GMT
rlle_310122-promo.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
265 KB
266 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/rlle_310122-promo.png?w=675&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ec5896d0d69377b6bf32029102283961cf19735f37a4682946262d313d8b867b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Jan 2022 21:10:09 GMT
server
nginx
etag
"d01cdfb86ce67eb2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/rlle_310122-promo.png>; rel="canonical"
content-length
271560
expires
Wed, 31 Jan 2024 09:10:09 GMT
two-tribes.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
94 KB
94 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/two-tribes.png?resize=300%2C300&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
599e6d8d4b07d96ac0b642a33f3a653920114016dd9de3fb609d8b7b978b3bac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 16:52:44 GMT
server
nginx
etag
"e7862712940a0416"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/two-tribes.png>; rel="canonical"
content-length
96066
expires
Thu, 01 Feb 2024 04:52:44 GMT
rlw469Guide-shop.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/
135 KB
135 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/rlw469Guide-shop.png?resize=300%2C300&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e6350c1dc3fbee7fd3ee6950481ed2d1530a7c50a41f8944c7350c365b3245d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jan 2022 11:12:32 GMT
server
nginx
etag
"e886ad0c3ce1f19d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/09/rlw469Guide-shop.png>; rel="canonical"
content-length
138338
expires
Sun, 28 Jan 2024 23:12:32 GMT
yearbook-2021-22-shop.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/
93 KB
94 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2021/10/yearbook-2021-22-shop.png?resize=300%2C300&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6379ca090b5fe6148eaa54587241829dd3e14cf2329c4ccaa13a38f373b15978
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 15:47:18 GMT
server
nginx
etag
"6889cb5e1276803f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2021/10/yearbook-2021-22-shop.png>; rel="canonical"
content-length
95698
expires
Sun, 12 Nov 2023 03:47:18 GMT
rlle_310122-shop.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/
84 KB
84 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/rlle_310122-shop.png?resize=300%2C300&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a9e15c941f9c7cee11888c71910cf171b12ef00ca0777e70e951c5ac8e17aacf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Jan 2022 20:58:49 GMT
server
nginx
etag
"278a79c65cec357f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/09/rlle_310122-shop.png>; rel="canonical"
content-length
85682
expires
Wed, 31 Jan 2024 08:58:49 GMT
carousel.min.js
cdnb.4strokemedia.com/carousel/v4/ Frame EA80
130 KB
43 KB
Script
General
Full URL
https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Requested by
Host: fluid.4strokemedia.com
URL: https://fluid.4strokemedia.com/www/fluid/player.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
307c668b5665de11bb3ec117d95716d89fa8a21ec605ecfa4df1a83d72d71260

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 24 Jan 2022 08:55:52 GMT
date
Tue, 01 Feb 2022 19:25:17 GMT
content-encoding
gzip
last-modified
Mon, 24 Jan 2022 08:59:14 GMT
server
AmazonS3
age
68899
etag
W/"2b89a19c687b748de48041405ce797fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
xw50G.3Li41CCQ20A6kaeL_ClxMp..Fi
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
PuNW1omhm6u4JIaEzqWGiUsaAi7Uj90E23IhMxY_Crn7sLTuFPLufA==
lg.php
fluid.4strokemedia.com/www/delivery/ Frame EA80
43 B
355 B
Image
General
Full URL
https://fluid.4strokemedia.com/www/delivery/lg.php?bannerid=21364&campaignid=696&zoneid=16368&loc=https%3A%2F%2Fwww.totalrl.com%2F&cb=a57c3cf754
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.8.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-8-134.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
server
Apache
p3p
policyref="http://4strokemedia.com/privacy.html", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
csp-report
q.stripe.com/ Frame C3AD
0
356 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
mmt.gif
imps.monu.delivery/
37 B
497 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=99f25e07-edd3-4de6-6af8-0d417416536e&a=p.l&u=8d888a21-7200-4950-964c-28a7af0912d4
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:05:29 GMT
age
1686
x-guploader-uploadid
ADPycdt5cv3dzMI1wk_S6gWHm9mBB7xR8SJB5JKc4_biV0rMvscc6vBSs9NrGA2MgjwtZENw9C8-JklVp8B1BNDvLfB7WrxxSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 02 Feb 2022 15:05:29 GMT
m-outer-ebb7106827d6c64e55a93b6fe1303341.js
js.stripe.com/v3/fingerprinted/js/ Frame C3AD
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-50.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17
x-cache
Hit from cloudfront
date
Wed, 02 Feb 2022 14:33:18 GMT
via
1.1 6e8224d5f2990b031ca60a58f18ac908.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jan 2022 19:43:06 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA60-P2
timing-allow-origin
*
x-amz-cf-id
7L4aGZBdJhnPpEcEhSq0_4Z9p0nUcqbn-KWXnduiIa-gMX8_rIZlow==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1187097879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.totalrl.com%2F&ul=en-us&de=UTF-8&dt=TotalRL.com%20%7C%20Rugby%20League%20Express%20%7C%20Rugby%20League%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1679368351&gjid=864779810&cid=595393601.1643812415&tid=UA-1347693-3&_gid=1773688815.1643812415&_r=1&gtm=2ou1v0&did=dZTNiMT&gdid=dZTNiMT&z=1369266419
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0350
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4132727de13420afc7c53fb9143e9676b2691e70158d0fa316e81ae672f7560
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uv/JPQ53r3epnYsDpC+igA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Feb 2022 14:33:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-uv/JPQ53r3epnYsDpC+igA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20692
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
inner.html
m.stripe.network/ Frame 83B2
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-103.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 13 Jan 2022 18:40:12 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Wed, 02 Feb 2022 14:29:58 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
hFmvevgfZbNpsQUApgrUElfKmcD5YXCVpOu7q7YT6C0ben8nDlTJRA==
age
218
cookie.js
partner.googleadservices.com/gampad/
215 B
416 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.totalrl.com&callback=_gfp_s_&client=ca-pub-4705059117442027
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
bccee6e41dc6d1722c34a9572e62379ff4a6e64a76755c6afdf6f8624b8ba4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.totalrl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.totalrl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.totalrl.com%2F&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.totalrl.com%2F&tn=DIV&id=iubenda-cs-banner&cls=iubenda-cs-default%20iubenda-cs-top%20iubenda-cs-slidein%20iubenda-cs-visible&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5FA5
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&adk=708909399&adf=3265821210&lmt=1643812415&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.totalrl.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414931&bpp=4&bdt=949&idt=317&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2633743878419&frm=20&pv=2&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 02 Feb 2022 14:33:35 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 14:33:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0DAF
66 KB
21 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ef261bec3d934fc35da4e3521c205b481a6f6d2f4a6816ce5de3a1dec772cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 02 Feb 2022 14:33:35 GMT
server
cafe
content-length
21044
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Feb 2022 14:33:35 GMT
cache-control
private
/
onetag-geo.s-onetag.com/
555 B
969 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront), 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amzn-requestid
e19406c9-00dc-493f-b6d7-b5a0bd93ab05
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
M6xp_FRRCYcFXCQ=
content-length
555
x-amz-cf-id
iRmnRAaDNiHUm-WAaciZzIfiwNHpX8XcCKX26cwO4u-0lCYPZB6Mwg==
beacon.min.js
signal-beacon.s-onetag.com/
29 KB
10 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
38288
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 02 Feb 2022 03:55:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
FXQcZ7vC_mL9VFX6TaL7wCYmAIMgst-Flcb16SsSmynNgaX8L5kvHg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
21671
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Wed, 02 Feb 2022 08:32:25 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
BJeo0T3tT9aS9IXb_vNY5_IKe_ujNL45Om5SaoTufrRC2mUg8CY9Tw==
collect
stats.g.doubleclick.net/j/
7 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1347693-3&cid=595393601.1643812415&jid=1679368351&gjid=864779810&_gid=1773688815.1643812415&_u=YGBACUAABAAAAC~&z=538165231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Feb 2022 14:33:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/
109 B
544 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
d0a122415151778fa38fef8b6d30325d24c06e2605ca6ba372f762c7efb5134e

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 04 Mar 2022 14:33:35 GMT
identity
api.rlcdn.com/api/
44 B
328 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
services
g2.gumgum.com/zones/210063/
0
247 B
XHR
General
Full URL
https://g2.gumgum.com/zones/210063/services?dp=https%3A%2F%2Fwww.totalrl.com%2F&pu=https%3A%2F%2Fwww.totalrl.com%2F&ogu=https%3A%2F%2Fwww.totalrl.com%2F&rf=&r=3.87.5&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.5%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035&bf=41245213d5584585162dc90fb57f934056754690&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1643812415368&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:35 GMT
access-control-allow-credentials
true
server
nginx
timing-allow-origin
*
etag
"0d41d8cd98f00b204e9800998ecf8427e"
form-settings
mc.us20.list-manage.com/subscribe/
17 KB
6 KB
Script
General
Full URL
https://mc.us20.list-manage.com/subscribe/form-settings?u=75b69976c993e636f33663164&id=db0ad2d822&u=75b69976c993e636f33663164&id=db0ad2d822&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.110.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-110-243.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
185b1dd98b9c0365cd9104daa666f88b44161ba1599605bcf8d7a4aeb4fbbbf5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
172
date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
referrer-policy
same-origin
server
openresty
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=300
x-ua-compatible
IE=edge,chrome=1
content-length
4388
expires
Wed, 02 Feb 2022 14:38:35 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/
187 KB
60 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:35 GMT
Content-Encoding
gzip
Age
144
X-Cache
HIT
Connection
keep-alive
Content-Length
60844
x-amz-id-2
vBQA0xyF6JfcErbnfkiWx4wb2dA8T2TL0+ZtaUaGn4QCOgytdEmgTS2Dc6jUktfcpYcEpfx8I8w=
X-Served-By
cache-hhn4043-HHN
Last-Modified
Mon, 31 Jan 2022 20:08:36 GMT
Server
AmazonS3
X-Timer
S1643812415.428146,VS0,VE0
ETag
"d4a52cf643f8d535f6f826b1707f5291"
x-amz-request-id
ND6R3P1D9B6T0NAN
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
260
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/
355 KB
120 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 14:27:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
137 B
126 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.totalrl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
93ad8a23f602843f3f07ebd5ad27070d7e921a8628698962f440ae0c80d1a22c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Wed, 02 Feb 2022 14:33:35 GMT
config
c.amazon-adsystem.com/cdn/prod/
57 B
414 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.totalrl.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:18:52 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
age
15283
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
57
x-amz-cf-id
5nkeALKR4I3JC1YsQmWrhtuYkKcd37UnDEjtLkej8YZzpIJoXFuQgA==
Mount-Pleasant.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
29 KB
29 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/Mount-Pleasant.jpg?resize=480%2C256&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
b01dcbec628f66da59ebc2e2e3c85af086c22acb8a6c02176607672dd47e6185
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 11:26:26 GMT
server
nginx
etag
"2fc298e4dd61f874"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/Mount-Pleasant.jpg>; rel="canonical"
content-length
29334
expires
Wed, 31 Jan 2024 23:26:26 GMT
McDermott-scaled.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/
11 KB
11 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2020/09/McDermott-scaled.jpg?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
72a2230aa0b888893b2925b6864f5f76be860f4af47ca0dfbabf3cdb45d0ae5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 10:28:24 GMT
server
nginx
etag
"c8a958778964bb5c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2020/09/McDermott-scaled.jpg>; rel="canonical"
content-length
11372
expires
Wed, 31 Jan 2024 22:28:24 GMT
csp-report
q.stripe.com/ Frame 83B2
0
131 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 83B2
0
130 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
x-envoy-upstream-service-time
2
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
LEAGUE-EXPRESS-e1580673862456.jpg
i0.wp.com/www.totalrl.com/wp-content/uploads/2018/12/
8 KB
8 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2018/12/LEAGUE-EXPRESS-e1580673862456.jpg?zoom=2&resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ef4cc058c6834333c9eefe4308e7902df6612c918a142d76747c27c931d4230b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 8
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 Jan 2022 08:00:17 GMT
server
nginx
etag
"560591034124c851"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2018/12/LEAGUE-EXPRESS-e1580673862456.jpg>; rel="canonical"
content-length
8454
expires
Wed, 24 Jan 2024 20:00:17 GMT
rlle_310122-promo.png
i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/
202 KB
203 KB
Image
General
Full URL
https://i0.wp.com/www.totalrl.com/wp-content/uploads/2022/01/rlle_310122-promo.png?resize=480%2C360&ssl=1
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cff480a1710938005570567721ab2b59be5fe1455c99fd641b9c661c4615223e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Jan 2022 21:10:38 GMT
server
nginx
etag
"6b49eca8dd89df73"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.totalrl.com/wp-content/uploads/2022/01/rlle_310122-promo.png>; rel="canonical"
content-length
207156
expires
Wed, 31 Jan 2024 09:10:38 GMT
karousel.min.css
cdnb.4strokemedia.com/carousel/v4/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://cdnb.4strokemedia.com/carousel/v4/css/karousel.min.css?v008
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
829f4e5622e3e804a8debb6737c587156dd009d67536f9e0646b3060de3e1466

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 20 Sep 2021 15:27:27 GMT
date
Fri, 28 Jan 2022 01:45:28 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 22:05:19 GMT
server
AmazonS3
age
478088
etag
W/"0261168732b78f96a8aadf2148010a07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mq4.I_dE47aF6iOm0N9dx5s4dwGEw0bk
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA6-C1
content-type
text/css
x-amz-cf-id
rpdB_AlMUM7mlOWPqShaeIq6P4pVCjzxX_9vOQQstn-G2a1A9adMVw==
css
fonts.googleapis.com/
2 KB
537 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 14:17:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 14:33:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 14:33:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 11:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Feb 2023 11:08:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
376 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 14:33:35 GMT
hls.min.js
cdnb.4strokemedia.com/carousel/v4/ Frame EA80
235 KB
236 KB
Script
General
Full URL
https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1d4335a4e40bb5670078aee0c19c5f3f45e4c0ae7b75d55efd0fb389fa4150f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 06 Nov 2020 08:08:30 GMT
date
Mon, 31 Jan 2022 13:52:27 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Fri, 06 Nov 2020 08:12:04 GMT
server
AmazonS3
age
175269
etag
"53f4d0ca611bca1997eb76191e1026ea"
x-cache
Hit from cloudfront
x-amz-version-id
lS3j9GA5AHBkhcg0DP7WP2C.DASAEh95
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-javascript
content-length
240505
x-amz-cf-id
w2fsBW_A-m24HPBlmTLtBtJ8AYAdxYyfancki3WwREO0_DwQ2OGDog==
sky-sport-logo75_uk.png
cdnb.4strokemedia.com/carousel/images/
4 KB
4 KB
Image
General
Full URL
https://cdnb.4strokemedia.com/carousel/images/sky-sport-logo75_uk.png
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96a9c514268a3df54a5b17e2735ec920c5b151ade2bdf8ba9999423ce36111ca

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 21:57:21 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Sat, 26 Sep 2020 12:48:56 GMT
server
AmazonS3
age
59775
etag
"5c4ede4a28355730ba1937a861e4eade"
x-cache
Hit from cloudfront
x-amz-version-id
KJT1cXUbwkL8HeEuO7QlLEu9oa.y.5Za
cache-control
max-age=302400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
4161
x-amz-cf-id
-j5-P-zbQgOFtYEaITlRnHPs4cyP2DzmRWy1cjCqwttBsa-1AuzCCQ==
styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 0350
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 12:58:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 0350
351 KB
139 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141778
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 05:03:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 14:04:07 GMT
out-4.5.41.js
m.stripe.network/ Frame 83B2
85 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-103.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
180
x-cache
Hit from cloudfront
date
Wed, 02 Feb 2022 14:30:36 GMT
last-modified
Thu, 13 Jan 2022 18:40:13 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
-uXhJxiZ-awJHfM6VqtEsB0ugHdOUFVtdzt6wI9EKJWQ5tfIQ1OsfQ==
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1347693-3&cid=595393601.1643812415&jid=1679368351&_u=YGBACUAABAAAAC~&z=1926305218
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1347693-3&cid=595393601.1643812415&jid=1679368351&_u=YGBACUAABAAAAC~&z=1926305218
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/
555 B
959 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront), 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amzn-requestid
e19406c9-00dc-493f-b6d7-b5a0bd93ab05
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
M6xp_FRRCYcFXCQ=
content-length
555
x-amz-cf-id
z3QoJEGbe4oUYAzCvYy-qr_l0UByeISHK6zNgPkPFmE7mYsRnCIf2g==
headerstats
as-sec.casalemedia.com/
0
429 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fwww.totalrl.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:35 GMT
X-AK-INITIAL-GEO
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.36], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://www.totalrl.com
X-CS-CLIENT-GEO
27
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
27
Expires
Wed, 02 Feb 2022 14:33:35 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.totalrl.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.totalrl.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.totalrl.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
access-control-allow-origin
https://www.totalrl.com
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials
true
access-control-max-age
600
age
0
trinity.json
apex.go.sonobi.com/
94 B
843 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222cc3fcf28b399b%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDH.A%22%7D&ref=https%3A%2F%2Fwww.totalrl.com%2F&s=32dc3019-4944-410b-a820-fbac6ee3330f&pv=58de0fc2-cdff-4778-8e6b-5f4c5cce9bc8&vp=desktop&lib_name=prebid&lib_v=6.0.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
9674edcf0e628b3cd1ba61841d4a7bb2e3d36544c8fd28cee7738010e346bad0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
10 KB
5 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d9e23a9a540db9949de27fb0e07192a0fb917126d089d6533db9b400d7e7cce7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bb6489f0-9635-4ccb-bc01-321392706812
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/
0
225 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22mmt-5a79f60f-04aa-4553-ac4c-3df77e3437cd%22%2C%22callback_id%22%3A%2268b44c57f39b76%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222706632985460809842%22%7D%5D&page_url=https%3A%2F%2Fwww.totalrl.com%2F&bust=1643812415845&pr=&scrd=1&dnt=false&description=&title=TotalRL.com%20%7C%20Rugby%20League%20Express%20%7C%20Rugby%20League%20World&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.30.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-30-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/
0
35 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
cf-ray
6d7422afd8dd72a6-LHR
access-control-allow-headers
Content-Type, Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&rp_schain=1.0,1!monumetric.com,8d888a21-7200-4950-964c-28a7af0912d4,1,,,&eid_pubcid.org=3d62bc0f-ce77-4d12-a1aa-541b6a117a06%5E1&rf=https%3A%2F%2Fwww.totalrl.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=58d702da-8921-479e-af2c-823ca622e84c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4736649943398725
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
050a5e26de3c73200dd744c8da1fcbe56cb5251e39db924dfab959f246739cdd

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
856 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
01d97466334b225c2342ecf317d69bc5d939999d191cbf8e0e1126f7d6865938

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
/
hb.emxdgt.com/
0
159 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=1100&ts=1643812415852&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bid
ap.lijit.com/rtb/
94 B
745 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.0.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4a489035ccd7750345914ef32cfca55b18dcdfe469f61fe87b37dde76ac0cbc5

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 14:33:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.totalrl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
113 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.41.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-41-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
access-control-allow-credentials
true
vary
Origin
prebid_display
display.bfmio.com/
138 B
578 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.6.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-6-173.compute-1.amazonaws.com
Software
/
Resource Hash
8ad395fdfb5aac4360150a7ed80f98ade4af89fd20b021bd72304daf0c61913c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Origin, Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.totalrl.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
v2
e.serverbid.com/api/
711 B
985 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:35 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&maxw=728&maxh=90&si=210070&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.totalrl.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.0.0%22%7D&ogu=https%3A%2F%2Fwww.totalrl.com%2F&ns=10035&gpid=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c791e58ebf175ac1baaec6d910bcaabcda984f6b0f8fa0a266ab3618452fb885

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
cygnus
htlb.casalemedia.com/
37 B
331 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22279f68e8d627dcc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.totalrl.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.0.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222848326355dea07%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2206101a18-9575-4b84-81e1-349f513d71ac%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-02T14%3A33%3A35%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f4b4589b103abc2c0fe755e676cf1570cba3572199e289a3ce6bb9cb5922534a

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.36], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.totalrl.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Wed, 02 Feb 2022 14:33:36 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
296 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
996b03b26f92419006b6d5da48902ed4a4a08bb7df1c52942a939f72b89087e0

Request headers

Referer
https://www.totalrl.com/
x-openrtb-version
2.5
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/
0
205 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
68
vary
origin, Accept-Encoding
bid
c.amazon-adsystem.com/e/dtb/
23 B
492 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.totalrl.com%2F&pid=BRGBxS4YvWszw&cb=0&ws=1600x1200&v=7.72.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5a79f60f-04aa-4553-ac4c-3df77e3437cd%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDH.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
HNM5ZTPD7Q1KJ9PXHT59
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
9hYPJMlHN3cg34Y0MAOqv5pciff1AvzIzNxioy-4w0WtLtkzODA8EQ==
cygnus
htlb.casalemedia.com/
37 B
331 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=242369&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234217f9f93f269f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.totalrl.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.0.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235d3a827a6f35f1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%2C%22rid%22%3A%228d7bd346-7efb-4326-b67e-571ccd824e1a%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2206101a18-9575-4b84-81e1-349f513d71ac%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-02T14%3A33%3A35%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
41279971398be468b2ff4a75328372c5e31cdb4b46dc5f7dc9637a279b6d73ea

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.36], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.totalrl.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Wed, 02 Feb 2022 14:33:36 GMT
prebid
ib.adnxs.com/ut/v3/
14 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3d35d5bb684e82531b15e8ee66f81f23e3b00ed653a2a3fbe39d0268621732ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6e7f6fe6-6cdc-4c88-a0d0-f439b44814ec
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
05b937a293d74b75235d9c29829929d2e50c2f4fdf44b8691123feb81a0a76ff

Request headers

Referer
https://www.totalrl.com/
x-openrtb-version
2.5
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1422f7f98e5d8add6f887b0b3d9e54fe7c4c0583a5570ae270a079b50ec11eb4

Request headers

Referer
https://www.totalrl.com/
x-openrtb-version
2.5
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8f9cd9f9903fd0845eeb5e4757d74810cd184a10a63dbe796f39dea634334f1c

Request headers

Referer
https://www.totalrl.com/
x-openrtb-version
2.5
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
content-length
66
v1
dmx.districtm.io/b/
0
284 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
cf-ray
6d7422afd8e072a6-LHR
access-control-allow-headers
Content-Type, Origin
bid
ap.lijit.com/rtb/
94 B
746 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.0.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
77185d2c75ce2cf2afc5886bbb6eacd05e42d84ea54438eed43450d499f78e02

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.totalrl.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ads.yieldmo.com/exchange/
0
224 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22mmt-4d74b449-dda4-444b-9c3e-288fc8c603dd%22%2C%22callback_id%22%3A%225133df354c1dc2c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222706632985460809842%22%7D%5D&page_url=https%3A%2F%2Fwww.totalrl.com%2F&bust=1643812415880&pr=&scrd=1&dnt=false&description=&title=TotalRL.com%20%7C%20Rugby%20League%20Express%20%7C%20Rugby%20League%20World&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%2C%22rid%22%3A%2276ed1f9f-a8b9-4101-aeee-f21d7de49140%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.30.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-30-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v2
e.serverbid.com/api/
711 B
985 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!monumetric.com,8d888a21-7200-4950-964c-28a7af0912d4,1,76ed1f9f-a8b9-4101-aeee-f21d7de49140,,&eid_pubcid.org=3d62bc0f-ce77-4d12-a1aa-541b6a117a06%5E1&rf=https%3A%2F%2Fwww.totalrl.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=32f6f371-784e-45ca-a6c6-2db24148bd95&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23008025994920023
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6a40709aedf2d236dab6c9738c855693654ef014a6e3a1e7f5bc8eec594f48df

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
687 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ad15af820c7cba3e2f41662837854c46385e59062069ed88429ee7e9a8d0c5c6

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&maxw=300&maxh=600&si=210063&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C76ed1f9f-a8b9-4101-aeee-f21d7de49140%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.totalrl.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.0.0%22%7D&ogu=https%3A%2F%2Fwww.totalrl.com%2F&ns=10035&gpid=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7be2c9bc6b9a05e71e1f8289428698cb3b9ccee7b01f0a32fe899aaa67e7c911

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&maxw=300&maxh=600&si=210065&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C76ed1f9f-a8b9-4101-aeee-f21d7de49140%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.totalrl.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.0.0%22%7D&ogu=https%3A%2F%2Fwww.totalrl.com%2F&ns=10035&gpid=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e64111322063fbdbb59cce165f62cd71f550c35ddb3bb9810d7045e642a8903

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pubcid=3d62bc0f-ce77-4d12-a1aa-541b6a117a06&maxw=300&maxh=600&si=210066&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C76ed1f9f-a8b9-4101-aeee-f21d7de49140%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.totalrl.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.0.0%22%7D&ogu=https%3A%2F%2Fwww.totalrl.com%2F&ns=10035&gpid=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5eedd64decfe4315f0866bcdf489510d0c41744f8c1145f42763c119133fd625

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/
136 B
856 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2266021522e255162%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDS.B%22%2C%2267423615ed52995%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDS.B%22%2C%22688510d18a678d%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDS.B%22%7D&ref=https%3A%2F%2Fwww.totalrl.com%2F&s=ee100262-e848-499c-b45f-2c5d4b58a1e8&pv=58de0fc2-cdff-4778-8e6b-5f4c5cce9bc8&vp=desktop&lib_name=prebid&lib_v=6.0.0&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%228d888a21-7200-4950-964c-28a7af0912d4%22%2C%22hp%22%3A1%2C%22rid%22%3A%2276ed1f9f-a8b9-4101-aeee-f21d7de49140%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d62bc0f-ce77-4d12-a1aa-541b6a117a06%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
44056a1e3bb806588d99206d952887b543acc53694d9739563317b07e141f97e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.totalrl.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
132
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
114 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.41.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-41-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/
0
60 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/
0
158 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=1100&ts=1643812415887&src=pbjs
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/
0
348 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.totalrl.com
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
60
vary
origin, Accept-Encoding
prebid_display
display.bfmio.com/
138 B
578 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.6.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-6-173.compute-1.amazonaws.com
Software
/
Resource Hash
51442a5c648cc49796a01dac8824df5557ea1909154f93ef9fca95c55f0bb9b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Origin, Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://www.totalrl.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
bid
c.amazon-adsystem.com/e/dtb/
23 B
491 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.totalrl.com%2F&pid=BRGBxS4YvWszw&cb=1&ws=1600x1200&v=7.72.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-4d74b449-dda4-444b-9c3e-288fc8c603dd%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C21840057494%2FGGJ5DM%2FGGJ5DM-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2C8d888a21-7200-4950-964c-28a7af0912d4%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:35 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
649E8EQDVXS8WZMQ8S40
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
57MkwUOrTcWSCf3Fo_01Sjp2-Q9xRlmhfM729u0owC1gey_Z2Z2yUQ==
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=99f25e07-edd3-4de6-6af8-0d417416536e&a=s.d&u=5a79f60f-04aa-4553-ac4c-3df77e3437cd
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:05:29 GMT
age
1686
x-guploader-uploadid
ADPycdt5cv3dzMI1wk_S6gWHm9mBB7xR8SJB5JKc4_biV0rMvscc6vBSs9NrGA2MgjwtZENw9C8-JklVp8B1BNDvLfB7WrxxSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 02 Feb 2022 15:05:29 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=99f25e07-edd3-4de6-6af8-0d417416536e&a=s.d&u=4d74b449-dda4-444b-9c3e-288fc8c603dd
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:05:29 GMT
age
1686
x-guploader-uploadid
ADPycdt5cv3dzMI1wk_S6gWHm9mBB7xR8SJB5JKc4_biV0rMvscc6vBSs9NrGA2MgjwtZENw9C8-JklVp8B1BNDvLfB7WrxxSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 02 Feb 2022 15:05:29 GMT
6
m.stripe.com/ Frame 83B2
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-192-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
52f983ff863ed9c3b719cbf7db8eb07e28643d50578e06c68e37c92c5f16b263
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0350
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:05:30 GMT
x-content-type-options
nosniff
age
41285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 09 Feb 2022 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0350
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
98131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0350
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
70428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:48 GMT
library.min.js
cdnb.4strokemedia.com/carousel/v4/
44 KB
44 KB
Script
General
Full URL
https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8300689d57b8b76acaf84fdbf3dffebc500b799b8e125852e02e08994a991bf1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Thu, 10 Sep 2020 13:04:29 GMT
date
Sun, 30 Jan 2022 18:39:28 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 18:54:18 GMT
server
AmazonS3
age
244449
etag
"09b2c443524bc308fd19195ad053382f"
x-cache
Hit from cloudfront
x-amz-version-id
OYSLCdFY_Q6C1I6iPGBSKLSBoEVG0VUq
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-javascript
content-length
44864
x-amz-cf-id
dmzaF1c1GwP2wL9M5JqtCbk3s7HaMa-3-yzX_qsyo2VOQBwyFsO_VQ==
webworker.js
www.google.com/recaptcha/api2/ Frame 0350
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d186172059c67e5f0f612c73126b60c8f009625df963609e52eacc13bff1716
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 02 Feb 2022 14:33:36 GMT
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/
101 KB
31 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e464107ba4301877e7131c0108649f811828efa1327da626809628228931058

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:32:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
53
ETag
W/"2f66b75795f5c98d51858a088397023a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
OLUE74Ec-nVmdC4ykdKUeOljPBpdNC43HbiBkTyvex5JxcMoVLADrQ==
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 0DAF
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 14:30:53 GMT
css
fonts.googleapis.com/ Frame 0DAF
8 KB
714 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 14:17:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 14:33:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 14:33:36 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 0DAF
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 18:05:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 0DAF
355 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Jan 2023 18:05:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 0DAF
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:32:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 14:32:48 GMT
mmt.gif
imps.monu.delivery/
37 B
103 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=99f25e07-edd3-4de6-6af8-0d417416536e&a=b.r&u=4d74b449-dda4-444b-9c3e-288fc8c603dd&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:05:29 GMT
age
1687
x-guploader-uploadid
ADPycdt5cv3dzMI1wk_S6gWHm9mBB7xR8SJB5JKc4_biV0rMvscc6vBSs9NrGA2MgjwtZENw9C8-JklVp8B1BNDvLfB7WrxxSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 02 Feb 2022 15:05:29 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=99f25e07-edd3-4de6-6af8-0d417416536e&a=b.r&u=5a79f60f-04aa-4553-ac4c-3df77e3437cd&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:05:29 GMT
age
1687
x-guploader-uploadid
ADPycdt5cv3dzMI1wk_S6gWHm9mBB7xR8SJB5JKc4_biV0rMvscc6vBSs9NrGA2MgjwtZENw9C8-JklVp8B1BNDvLfB7WrxxSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 02 Feb 2022 15:05:29 GMT
rugby_league.json
feed.4strokemedia.com/uk/
34 KB
6 KB
XHR
General
Full URL
https://feed.4strokemedia.com/uk/rugby_league.json
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:17:d591:65c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25dae738788b47297f6388eb8194ee177eb760891b4883e55c9092d2721605bb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
vary
Origin
last-modified
Wed, 02 Feb 2022 12:45:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"e4677039a6c764830176262438b8507d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
date
Wed, 02 Feb 2022 14:33:37 GMT
x-cache
RefreshHit from cloudfront
x-amz-cf-id
bFT6jx2oROKIlg35ynOiUbXO2odvhy8FZzPigst0PSXxrxOnshlyIA==
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
16368.json
feed.4strokemedia.com/events/ Frame EA80
2 B
420 B
XHR
General
Full URL
https://feed.4strokemedia.com/events/16368.json?ac=158344
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:600:17:d591:65c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
2
last-modified
Mon, 02 Aug 2021 14:53:07 GMT
server
AmazonS3
etag
"d751713988987e9331980363e24189ce"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
null
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/json
x-amz-cf-id
NEoQToUe-UwUIxxalmMAEgI1_KrlQsmKsGjoU6DZtUfKR76lJiYFaQ==
reload
www.google.com/recaptcha/api2/ Frame 0350
30 KB
17 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62b5d97a832e22409282da8a94594b8efb69724db13f7ade304727337785f0dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfm3oIUAAAAAKkd1Pvuo7oga7904JqI2XssiyRU&co=aHR0cHM6Ly93d3cudG90YWxybC5jb206NDQz&hl=en&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=mke76natqopm
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16969
x-xss-protection
1; mode=block
expires
Wed, 02 Feb 2022 14:33:36 GMT
common.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame B45D
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:32:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
50
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
MGX-m72SIufE9c5qwOrfD2TZ07Hn-NedumyPb5fHG_XqlmQhPKqq_A==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame B45D
1005 B
937 B
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:33 GMT
Server
AmazonS3
Age
3
ETag
W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
fl8GSsmhtUmwkUwjisBh2wdcptrHqwkgEi58_bD4LQMt-J5whVdvew==
common.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame EB99
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:32:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
50
ETag
W/"82e72d627b04e1654282023cca1d1e69"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
xaUNme4d4WTuVlZNmIFcrRDpbMyoOn_pN4Xsb7K1xSKn9V78YtjtTA==
layout-1.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame EB99
804 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/layout-1.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60defd0229880a6f78696fcf8e687f94e43fc8bb5ff66028e23e546d0345d2f1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:32:52 GMT
Via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
45
ETag
"33e182d2957d66f0239c291b39120c17"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
804
X-Amz-Cf-Id
e-hX0m8NA6PKslu12GSv7VVDeSNWb7GUehEioi73-jNAMTb1CK9omA==
modal.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/
3 KB
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/modal.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-56.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 17:01:32 GMT
Server
AmazonS3
Age
27
ETag
W/"aa6f4416185bd7f299dd89e11dac117f"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
2mrJmVhgk50x9Fax_ek0ETs0lYCdUYbiLl0snperx5LjVuLC6ygl1Q==
mailchimp-gdpr.svg
cdn-images.mailchimp.com/icons/ Frame EB99
1 KB
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/mailchimp-gdpr.svg
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33c02a8215e3a0d77a0346beb053c756387bdad894b1055340ce6627a6428f3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:14:40 GMT
Content-Encoding
gzip
Age
37148
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 25 Apr 2018 21:26:45 GMT
Server
AmazonS3
ETag
W/"59a8ccc2056b4656cdc1e99c50b9d0db"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize
1530
x-amz-meta-s3fox-modifiedtime
1524676315000
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
bMzF7FXWHxaBKfi3kdLLtOnXISPwsEyrfEq8PUeu3HjHJebWf6Iy5w==
csi
csi.gstatic.com/ Frame 0DAF
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kz5ngy28&c=6168721154837&slotId=3084360577418.5&qqid=COnN4rie4fUCFcoJ4Aodl7gP4A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0DAF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
66341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0DAF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
70427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DAF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C9hkdP5b6YamyF8qTgAeX8b6ADur3ybJnj_3usrsP_9GivcABEAEg1fDWBWC7BqAB0M3goijIAQWpAvGEI2-P-rI-qAMByAObBKoE9gFP0Dj7OlPPIxbm5B7H9o8CM9ToJ_Ct86czS1O0JF36XkNdQQOsXXKdGMx4PIIqCIuw9OyOOhckXnXS9XGuJ40THMz-tox2hYUl7JDZCHtpSjbwhAQKnwCTJ38NZu3NhygJFnI00tF-S5sCL0m0Fn4O4xbDfxBKfcxpUT-6Adfn0J8OEpH3VLoZNL_dTacaFiIKIJCmwEmSKqGESDqS8oZrbvd757eX8iAxMsT6vqNoW7kwAINy_ARJwCofnVTCSD5-7r5UMPj_FyRfFjLhYfrVQ5_nEU1KvFD5OwmoiA288RKpso4WYmABN8hwWqaSpYGd9iE_bVvABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUBgBcB&eventType=clickstring&clientTime=1643812416375&ai=C9hkdP5b6YamyF8qTgAeX8b6ADur3ybJnj_3usrsP_9GivcABEAEg1fDWBWC7BqAB0M3goijIAQWpAvGEI2-P-rI-qAMByAObBKoE9gFP0Dj7OlPPIxbm5B7H9o8CM9ToJ_Ct86czS1O0JF36XkNdQQOsXXKdGMx4PIIqCIuw9OyOOhckXnXS9XGuJ40THMz-tox2hYUl7JDZCHtpSjbwhAQKnwCTJ38NZu3NhygJFnI00tF-S5sCL0m0Fn4O4xbDfxBKfcxpUT-6Adfn0J8OEpH3VLoZNL_dTacaFiIKIJCmwEmSKqGESDqS8oZrbvd757eX8iAxMsT6vqNoW7kwAINy_ARJwCofnVTCSD5-7r5UMPj_FyRfFjLhYfrVQ5_nEU1KvFD5OwmoiA288RKpso4WYmABN8hwWqaSpYGd9iE_bVvABJD-gP7rA-AEA5AGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 0DAF
29 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CRUS-4jYpsyPTZOFoAE1q1emK8H0Gflv6GJcrLi52RhlIhsa87T8Dgk2Jv5xbNFUHqepNyHwQ_umbEFhwRhX5sgK8LWw&dbm_d=AKAmf-Bi8iLpykvqEVE1ATJGZdYFg_cXJcl0RTaRDtmvOdkZcuyele5iibnacYTFsnQ1Py_IW7bvwsTEnmfXf1Dy4pLtwGcuZJJY_4TqvXZ2rjOiH2EhycahCGE1YJZZrg6o19XU0nJM7Cn5dhRbyfZbk-VLM4EsCa6P_fBk2K3X2rPA9NiyHqwl9nPZQmF8pYA4tcJof-y2ApU65NnD970uFh68m7yF5vbBmaQGZNfLQgSuEf8-GquWexk5MajOmHeQ5Xuoan2e1QvQvaJMpEllJvP1-sGf6l03i4I5_7LkkbmfTFiuJLimHYkdN-ys3uRslFjYKAhNi0BGD9_hSafsmBtKz10G1SSPodlo8helGE6uURGifTH_WeYfA6RXE-IYcv0oL66Fr2OhhR3SgLz7gfsFDnAYHLswOmq_bHWepJNVdnvgZfzfaQq0jPofN9l7K-gK5v1MPseSOXTFlmR1Uugdi9Mm6Tjd2OmPzSvJsujnRX2dLvybFdvOpUI-5VkVBB-9I2ngLI0u_mqrkx07VeEz4C-hzqPPvVdH94KrM0Rik2lgfxreFbZnur9XaahNj-GxpbPnGtk7f2Z8ZJOgOnye5Zom6z4mrISE8_vfhuVBb7RddAsbn2RjjaCsXuQvzfx2jAeUE9o_kBuWHzPPLiTjXMAERgy9PAgw9Q_iwQoW0PpBn8C4UwuhEBc6O8sJqsQHmruLW5BhlK5u3SdZLeOhuLwmDFJoPdZL0ttmOToWaQsNLSpyaKsGXQWnNTG88PYQngvZEmdaA33-WXXhjoOMJEkQKmyoGTNy1LGNI4EBLLag6QNM3uHgzbdMF1v2f2-T7XbLsTl87k28qVSXuObUkNtVHlmqoyRHB2IEkjhTh_sy_eL9TGqn_rKyn0_3Xv-ehFVepvayPdyj1XYu3vssnagoiRBhULg7rxqwzJ9VcAJ728W8OGQ9EzczvmrWJVdhAgEYITFy-x2KG5VaX9vCzAw90mRPc9Mox7bBKXuBAh6_e-JX5SBQZFbPDltI31F3lkmvdVF0TFTACPluiO3MeH0b_GGg5_kkzc5BBbK_2SNXNXfdHfSR7sq-e_x6Aq8o2JmYQImKmZp3rtref-IRkE5P6yvdOaIfethicBaxPE70hSyBj8KUy7ppRCpjBnvTDsl46PtrKOpMRDuqkRORWDE0pu_9pst6f3a8Wbt8sobvPJHfQiq6w_T7IclAxrrUGUkwUOz6a0FkESTDuf0A4FZmhQSUucQuZ_e3E5NV8-HMsRfHnnKJKTgMG_L17FLFrpPPAaem9lqM8yIj6thWvLM0u7B0e8n3EgC9xOo3GGfF7Ky-97Zj13sUDUabTVXtXdljGYUE3a46J1u9Cb27S4zC47lY5G_aogDIgvEmOFHhrhfCe1wm2yaXLTkeKf7SGUB2p_7Ve9MyyRz-LqAMTX-2QD7p7IlxAX_6hOjhBzoJTB9qDuQoJ3aS4-0fKBKsQN2skp2Z7SKycy3nhd-Pv9eZuuqsi0lzGIzwTkahwpOwsklzQFS-zCC-JM6mxRRwQ-ExiJQSTcp_vnFOz1BDZLoImChiX7TWQJIrP3UDDj_tV11osHWDQPDT01ZqcBqzP_cE1j4b-7FjiwsXDX9odiaH63US5p721j58g1DDIvWfCGCNFooIdLEYGfi13XeUYGVtoudGmmecSXqWrqKU-QzichmJHYSjKOyOs_8_JECkOIWIFa5wjeTYbxbjge_i_UnLuZ8z73xaFAREfPwuP21V7SSB2DlYJtdhrSthdvoDWlOcY6GK4eHdSeZQoiW7w6JFXuE2f-200Jias9A8NtND8fhJIVcj1g_NmiKBYEBYrKR-fCa5EHCZ_f-9zbm5pmeNg2BAYyV4ty5hiILpya6QgVNRIT1L8DlAOKzJIdeCE8R5paBzPXy2kejE1Dqtf1nIgkFQ3L-doGxKug2rFV9NHbYxlf5F4SxJdpTlSisLqZMHaD30SK2sGQc57b4_69AOD0d-6ne6juKrHo4crS2BQ0YTeYJCtTj5RivOt2yl2iRRoNL1Os_5nfsZ3UHSH5CaDgTBILwgm79OrNqYgez62aHhQPYeuwdZ7tv050nSth1Wbi2jJRXx7--dcTE0I7BwD5exklx0-8aGTSY4NVgipo-9VEQkMSMSkh2g9d5Es0OcMjv8j6FaaDihnUmosOMKcVFKdlB2egOT-rsO1ra0R33ZNKtMqDuUtO8LvhtXINy1GWTTY2gyio2LO_Be1wGQnaH5aurfCcLq6tvi9Gl0g9p68DLDXYCu6QEEGi70GRnLm50c3blZuvlMvNtsr-lX71NKsy7bTHnYtaLwcxr9D4jU0VT_IF87Orztn0M9SaFlFs-S9tXul5Xubj0sGfA0rKQWlIWpjcgRbW2B1bKjrokH6wN8Vdm2tjOQtUQ4228qsFCBfBaO1svOlv5O-SGTXICieCosNaLc1fssNXyTE4LCQJHhsxyuLOKq4ob3KpIssG2jJ1jazNCGNAvcx89sWpBUA8hBxXkXONhi9CQdizh3nSX4tZUKOhSDoU0YejUHmiz1rYzqeCIQJ0yL79JveRwmP111fhbGapLg5Jizq17l7xbjmVG01GWnEgu9oypFVWzzitNMgQGW5QYzF46VBgLqwkF6BSIg4Ij89_vapCoAqZmIaOsnWmdbCix-QsQG7Oja9qvyvNnsxltAU69unuL9OHyMw6PTzcoeioOWl1STJYrqFTB7Z5q-2uiJWB5X2dqIsL2x7rXX2X8EH64Qr0Moryb1-pxlggRX2aVtTZgjRwcsCZNvaVKnthv1BzPRh29-Hwvo79_emiyVzfmU5ktrtOeKP5Yxg6YwdKnOSTcomoabjmKreRA6uU80i851Q2pHNiQbjTPTmPH-b6tw5gWnKWPD1cp4LfFyZx0wGu7Vv4ByTPjm2ZKRys2HW1AQ52lFbBMxZ7DWoOxC2xST&cid=CAASBORogKs&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f155.1e100.net
Software
cafe /
Resource Hash
1d812d5ab22d2bd6302ad49b3937c7fe5d6ef1ef70c58ccc38369b2d2dd70817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15167
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0DAF
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsLT3P5b6YamyF8qTgAeX8b6ADur3ybJnj_3usrsP_9GivcABEAEg1fDWBWC7BqAB0M3goijIAQWpAvGEI2-P-rI-qAMBqgTzAU_QOPs6U88jFubkHsf2jwIz1Ogn8K3zpzNLU7QkXfpeQ11BA6xdcp0YzHg8gioIi7D07I46FyReddL1ca4njRMczP62jHaFhSXskNkIe2lKNvCEBAqfAJMnfw1m7c2HKAkWcjTS0X5LmwIvSbQWfg7jFsN_EEp9zGlRP7oB1-fQnw4SkfdUuhk0v91NpxoWIgogkKbASZIqoYRIOpLyhmtu93vnt5fyIDEyxPq-o2hbuTAAg3L8BEnAch4HoVHaeOxdIvJZS1l77r4m-QBRe2g6HnJ_UkAfWtAjvTctdD1u37yclqKwmTH8C_RPiooUKCOfksAEkP6A_usD4AQDiAW17vGtOpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH0IWxggOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDKmgYYgdf6vwHSCAkIgOGAEBABGB-ACgHICwGwE6i0jA7IE864_94D0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTQ3MDUwNTkxMTc0NDIwMjcYAA&sigh=qYKbTPhwe-I&uach_m=[UACH]&cid=CAQSGwCNIrLMnQCCyABxl6Q_Ht5o9fjl4HH5wuTdxg&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4705059117442027&output=html&h=280&slotname=2668966041&adk=1628465507&adf=10553288&pi=t.ma~as.2668966041&w=655&fwrn=4&fwrnh=100&lmt=1643812415&rafmt=1&psa=0&format=655x280&url=https%3A%2F%2Fwww.totalrl.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643812414935&bpp=11&bdt=953&idt=339&shv=r20220131&mjsv=m202201250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2633743878419&frm=20&pv=1&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=186&ady=2165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C31064677&oid=2&pvsid=3287223837664&pem=958&tmod=1551199038&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4BWeu2OjFf&p=https%3A//www.totalrl.com&dtd=344
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 02 Feb 2022 14:33:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 02 Feb 2022 14:33:36 GMT
truncated
/ Frame 0DAF
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62495c692e079e02b02fdcd0c7d841f93e0afb9796819becc8f25006b2a26fee

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8d43f268042bacb6a37bf1a0213a35330020444c8983a796699b27a4fc707a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9886
x-xss-protection
0
adobe2.htm
cdnb.4strokemedia.com/ Frame CB85
164 B
587 B
Document
General
Full URL
https://cdnb.4strokemedia.com/adobe2.htm
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b800:2:dc6c:1340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55cdc8b7f3c5ebebefb2b7149eecd38cadb28e5534411e226c168d5abc0463fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

content-type
text/html
content-length
164
date
Sat, 29 Jan 2022 05:14:54 GMT
last-modified
Tue, 06 Apr 2021 06:32:25 GMT
etag
"012250d0e729b9e1711172c8f0bc9527"
cache-control
max-age=604800
x-amz-meta-cb-modifiedtime
Tue, 06 Apr 2021 06:30:31 GMT
x-amz-version-id
Y9ZQJGhk7EYEXdtOJ4NM1r4ChJaVdA95
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-JH2GTOUtiSgEi-csomIFhKULWq7fr1aJAzXs7Rb60p6B1yTDKZXyQ==
age
379123
9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943
api.condatis.sky/auth/video/manifest/brightcove-sport-gb/ Frame
0
0
Preflight
General
Full URL
https://api.condatis.sky/auth/video/manifest/brightcove-sport-gb/9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.232.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-232-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,x-skygdp-platform,x-skygdp-proposition,x-skygdp-territory
Origin
https://www.totalrl.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

mime-version
1.0
content-length
0
access-control-allow-origin
*
vary
Origin
access-control-allow-methods
POST, OPTIONS, GET, HEAD
access-control-allow-headers
Authorization, X-SkyGDP-Territory, X-SkyGDP-Proposition, X-SkyGDP-Platform, Accept, Content-Type
access-control-max-age
86400
cache-control
max-age=0
expires
Wed, 02 Feb 2022 14:33:36 GMT
date
Wed, 02 Feb 2022 14:33:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
route.js
js.tncid.app/
1 KB
1 KB
Script
General
Full URL
https://js.tncid.app/route.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/carousel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f5f0cf63c303075558f8fd8b499567de412984b938c3e26886ef1d8a74e6677

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:37:15 GMT
content-encoding
gzip
age
3381
x-guploader-uploadid
ADPycdtvf5Z1Q0hnW5plR5z6oodfgzGRBOy9Q2R0UnM8MqHESSoRwDFfsFmmjErD6ATTgmY2RbXb3WtSzegXw5DYZdMh5GxXyA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
671
last-modified
Wed, 26 May 2021 10:25:29 GMT
server
UploadServer
etag
"9fb09a6fb42d0507b5669eb6c717c2de"
vary
Accept-Encoding
x-goog-hash
crc32c=ascs1g==, md5=n7Cab7QtBQe1Zp62xxfC3g==
x-goog-generation
1622024729763029
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
671
accept-ranges
bytes
content-type
application/javascript
9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943
api.condatis.sky/auth/video/manifest/brightcove-sport-gb/
701 B
746 B
XHR
General
Full URL
https://api.condatis.sky/auth/video/manifest/brightcove-sport-gb/9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943?v=1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.232.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-232-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e23ad9ec3cb81502280a4d2fcc39b0d2a1186d49a97585568d94a1db3eaacc09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Authorization
07d206394b694208b4cfefd514ae837e
Accept
*/*
Referer
https://www.totalrl.com/
X-SkyGDP-Territory
GB
X-SkyGDP-Proposition
fluid
X-SkyGDP-Platform
web

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Wed, 02 Feb 2022 14:33:36 GMT
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
content-length
582
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.totalrl.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
70427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/992cf276-f561-44ca-9e64-a7a0e6b449d8/1280x720/match/
127 KB
127 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/992cf276-f561-44ca-9e64-a7a0e6b449d8/1280x720/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
47fbef673e3fd16d2e384649afc460941b3eaa1597be32607da3a794a088bbd8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:45:27 GMT
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
13689
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
BQQ6FVkOm6CuU0ezYsypI8j93fbFDdLCcJhdHU-3PvtB3W8AwdrlJg==
Expires
Thu, 02 Feb 2023 10:45:27 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/15ab3f6c-3cf4-4b7f-b68e-15cbe7824801/852b2575-ed7b-4881-b7e1-957fdaf8ce9e/1280x720/match/
85 KB
86 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/15ab3f6c-3cf4-4b7f-b68e-15cbe7824801/852b2575-ed7b-4881-b7e1-957fdaf8ce9e/1280x720/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
13668d79bf9f6614b49314dc9e688a6b33ab26faf6fcb394660018d97b66cd22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:15:36 GMT
Via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
15480
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
MlSNkKG9sElhl21dohHJDeBPx8IMrGeUqNK1u487Yq0I5PIc0prHxA==
Expires
Thu, 02 Feb 2023 10:15:36 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.totalrl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.totalrl.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3287223837664&correlator=3508733317807580&output=ldjh&impl=fifs&eid=31064622%2C31064628%2C31064658%2C31064667%2C31064672&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=20842576%3A21840057494%2CGGJ5DM%2CGGJ5DM-DDH.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dnot_approved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dedc334ea-ae6f-415a-a7f9-71e6e0e41cd4%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D728x90%26hb_adid%3D83ca08ec69b36a4%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3De8291dbb01f33a34-228ced4532cd0083%3AT%3D1643812415%3ART%3D1643812415%3AS%3DALNI_MZdGKzoAEaL-Q509c1BXQJGwmARng&bc=31&abxe=1&dt=1643812416587&lmt=1643812416&dlt=1643812413982&idt=1848&frm=20&biw=1600&bih=1200&oid=2&adxs=706&adys=111&adks=1263673500&ucis=1&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.totalrl.com%2F&vis=1&scr_x=0&scr_y=0&psz=748x110&msz=748x110&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=true&fws=4&ohw=1250&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
af75ac04b971d7d163851cc11bee12191c2b58f59bc29a18334db29f55d13fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED81
6 KB
4 KB
Document
General
Full URL
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 02 Feb 2022 14:33:36 GMT
expires
Thu, 02 Feb 2023 14:33:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
415 B
249 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3287223837664&correlator=1443627574665823&output=ldjh&impl=fifs&eid=31064622%2C31064628%2C31064658%2C31064667%2C31064672&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=20842576%3A21840057494%2CGGJ5DM%2CGGJ5DM-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_A2%26yieldmo_eb%3Dapproved%26openx_eb%3Dnot_approved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Da92358f3-e3ae-4b58-8288-324a2a0167f5%26monu_df%3D0.09%26safeframe%3Dtrue%26hb_size%3D300x600%26hb_adid%3D8297b9c41c27da2%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3De8291dbb01f33a34-228ced4532cd0083%3AT%3D1643812415%3ART%3D1643812415%3AS%3DALNI_MZdGKzoAEaL-Q509c1BXQJGwmARng&bc=31&abxe=1&dt=1643812416616&lmt=1643812416&dlt=1643812413982&idt=1848&frm=20&biw=1600&bih=1200&oid=2&adxs=1125&adys=2066&adks=1119568665&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.totalrl.com%2F&vis=1&scr_x=0&scr_y=0&psz=320x620&msz=320x620&ga_vid=595393601.1643812415&ga_sid=1643812415&ga_hid=1187097879&ga_fc=true&fws=4&ohw=320&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
055a8cb2584977312a704f1a717b7b50407df4301e8f4823645672f1897a3c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
220
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.totalrl.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/1a8a6ac3-5bb1-4925-819f-bde49ce1bbb5/ec28d836-29e8-44c8-bf7c-2de986b07cc6/1280x720/match/
49 KB
50 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/1a8a6ac3-5bb1-4925-819f-bde49ce1bbb5/ec28d836-29e8-44c8-bf7c-2de986b07cc6/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
b193cc79e9e873f16a4d5cd5283537232f80bcaad0b009a1db887a74ed0f3e54

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 21 Jan 2022 09:30:58 GMT
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1054958
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Content-Length
50475
X-Amz-Cf-Id
vvffwAReviRIqsYeduY_cpsqbdHJqsb-KGbIhVZcDMgGX0kjlgoaRA==
Expires
Sat, 21 Jan 2023 09:30:58 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/4fb5cdb1-c580-4cd3-8df1-2485acdba87e/5324328d-4f2e-481c-9f07-36cd37b65f83/1280x720/match/
51 KB
51 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/4fb5cdb1-c580-4cd3-8df1-2485acdba87e/5324328d-4f2e-481c-9f07-36cd37b65f83/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
6db6d954f7c47051109e6907a1dc482b0ba4d05208da0aa306ea6c6049d01fbc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 08:49:40 GMT
Via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1230236
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Content-Length
52051
X-Amz-Cf-Id
1KdXhQEHWj8XGDIMh-jqcf-touGG5H_m-GLkpmUTmron9AOk3dyFJg==
Expires
Thu, 19 Jan 2023 08:49:40 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/97e30c18-c54d-4bf1-b8c0-9eb165539ed9/72b8963a-b5fd-4cec-900c-d56ab41cc4b4/1280x720/match/
77 KB
77 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/97e30c18-c54d-4bf1-b8c0-9eb165539ed9/72b8963a-b5fd-4cec-900c-d56ab41cc4b4/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
b34133b372ccddbbf34c56c984827a87d49aeb216031ab6ad14fb78c0a98627b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 12 Jan 2022 16:50:58 GMT
Via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
1806158
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
wqt0KMHrZ6ioidPRhZdZnQ8128s1Zv9JdVbSKbV1WPm0xATvroAy5w==
Expires
Thu, 12 Jan 2023 16:50:58 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/7ad9be4d-854e-4b6c-8c27-03341aad7627/3347ee06-3139-4a27-b96d-4773d528870e/1280x720/match/
121 KB
122 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/7ad9be4d-854e-4b6c-8c27-03341aad7627/3347ee06-3139-4a27-b96d-4773d528870e/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
b4e67ffe378514e703d29eaa6c79f5feb6b5e0c084a83bdb25a74840a538afc9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 23 Nov 2021 16:00:43 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
6129173
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
FwocwmFOnTVLp2bVqt_Z0TTrGC7yyR7y-Ulc00T-BG7qWGMNMbPCeQ==
Expires
Wed, 23 Nov 2022 16:00:43 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/80c42ca7-a8fe-40bf-980f-75147bcf6fb4/7ed2c9b4-7c7b-478f-b3e6-004fdfa22d16/1280x720/match/
54 KB
54 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/80c42ca7-a8fe-40bf-980f-75147bcf6fb4/7ed2c9b4-7c7b-478f-b3e6-004fdfa22d16/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
4a504c3c24ec66f0c890c1636f51e2fe8898121a9579ec6f8ef43be3637b0279

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 07:32:47 GMT
Via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
6073249
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Content-Length
54978
X-Amz-Cf-Id
QvTjn6PPeqFQJgRiTtPua4bNTLVP4QPYgEYvaQaQ7FDxzGtVktJEdA==
Expires
Thu, 24 Nov 2022 07:32:47 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/a41975c0-5e64-43e2-a67e-2873b9158db3/25529876-1203-47c7-86be-8b415690c90a/1280x720/match/
66 KB
67 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/a41975c0-5e64-43e2-a67e-2873b9158db3/25529876-1203-47c7-86be-8b415690c90a/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
542da17e42805eb985c077f0d034703ba313b23d666b9a80863a56b2274f34aa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 19:37:45 GMT
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
6720950
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Content-Length
68082
X-Amz-Cf-Id
ip6l56Jk-ft1M_RI7I-r5uP9OskC-LFMwkTlG51R3U5YL03Nz5FIVw==
Expires
Wed, 16 Nov 2022 19:37:45 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/333d0037-7f7c-47e7-af6d-aa234b26e7d5/b31a6ac8-b95d-464c-98fb-4a6b1da11443/1280x720/match/
46 KB
46 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/333d0037-7f7c-47e7-af6d-aa234b26e7d5/b31a6ac8-b95d-464c-98fb-4a6b1da11443/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
0219b6f237ec7186b860484267d55d4587087a7ea6a5b97fab426d703316e0ef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 19:37:46 GMT
Via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
6720950
X-Powered-From
gantry
X-Powered-By
BC
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Content-Length
46834
X-Amz-Cf-Id
hEN7zHo1oDCCq5juXzrIsKbrsNsoPRqkfkLlunx8eyUiQcF7pRuh8w==
Expires
Wed, 16 Nov 2022 19:37:46 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/7492ca3a-2357-4625-9f90-c84fee8eb818/f10411b3-d54e-4676-a2b9-3039dd4d9cc9/1280x720/match/
85 KB
86 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/7492ca3a-2357-4625-9f90-c84fee8eb818/f10411b3-d54e-4676-a2b9-3039dd4d9cc9/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
a1faba847198a727bc13e12d8d1d89f6e83b48322bb19bf53d1bb07823d52d57

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 19:37:46 GMT
Via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
6720950
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
uG4EmG1e1K2E8DBVJAu-HrN126RB89g8-RHN33gHUznVFlFvV0WiUg==
Expires
Wed, 16 Nov 2022 19:37:46 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/a823ab7c-b8e4-40d1-a95a-5c9372f1603f/c8a6db6e-46b8-4783-872c-bb4ecbfa361f/1280x720/match/
86 KB
87 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/a823ab7c-b8e4-40d1-a95a-5c9372f1603f/c8a6db6e-46b8-4783-872c-bb4ecbfa361f/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
8bf959d961f4a2f7bee689959d7e02a58c70dfbf9f8c51c50ae5b75f270e6469

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 08:50:34 GMT
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
2180582
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
2IpK4bV24IC2LONaDlu8H9OoF-cK1-FRQVdXHFF2Cy-8Z4rNaWSXPA==
Expires
Sun, 08 Jan 2023 08:50:34 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/11ec56db-bbb5-4fcf-8997-0972d167ef53/cf991277-a032-4abc-bd17-5ae22fac7270/1280x720/match/
120 KB
120 KB
Image
General
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/6057984924001/11ec56db-bbb5-4fcf-8997-0972d167ef53/cf991277-a032-4abc-bd17-5ae22fac7270/1280x720/match/image.jpg
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/library.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-181.fra6.r.cloudfront.net
Software
/ BC
Resource Hash
9dfb5766eb50b6a0179c1f080b8630f1d17e919b5cfb7cbc37f7640b442343f6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 12:47:25 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
8473571
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
NZa8whyylF0icoBsQUP_gVouXbFxsbiO1UYGDz9SrmLwFVu70ppNVw==
Expires
Thu, 27 Oct 2022 12:47:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4705059117442027&plah=www.totalrl.com&bust=31064677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 14:33:36 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 24FC
601 KB
195 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
183438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 14:33:36 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 0DAF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 13:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Feb 2023 13:03:27 GMT
file.mp4
r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 0DAF
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0
Fetch
General
Full URL
https://r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A65921466D7EF8A3A5060A4CEE4F4087EA9EE40.4723F1C0CB853E409DB38527C3B6010D77B75D10/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1643812161/mv/u/mvi/2/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4016:1::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:37 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2156719
Last-Modified
Mon, 17 Jan 2022 09:07:20 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 02 Feb 2022 14:33:37 GMT

Redirect headers

date
Wed, 02 Feb 2022 14:33:36 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A65921466D7EF8A3A5060A4CEE4F4087EA9EE40.4723F1C0CB853E409DB38527C3B6010D77B75D10/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1643812161/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
launch-0bbb5b9336c2.min.js
assets.adobedtm.com/27331c16692c/b700d860f0cb/ Frame CB85
133 KB
41 KB
Script
General
Full URL
https://assets.adobedtm.com/27331c16692c/b700d860f0cb/launch-0bbb5b9336c2.min.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/adobe2.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7a9cfa79825fae09ce91485b8e0350306038bd7b78afd48a054d1b6c1fa7bbff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:36 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 14:06:57 GMT
server
AkamaiNetStorage
etag
"81d4cabfb1ce19ea158698072de1cd13:1624370817.023536"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://cdnb.4strokemedia.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
41166
expires
Wed, 02 Feb 2022 15:33:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D37B
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 15:08:15 GMT
tnc.min.js
js.tncid.app/
73 KB
24 KB
Script
General
Full URL
https://js.tncid.app/tnc.min.js
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/route.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b6e6e96c63e723030507c4f23696b166fbac858c64267e63f1130b55a50b62b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:30:38 GMT
content-encoding
gzip
age
178
x-guploader-uploadid
ADPycds5VrAs-Ca89_5LVDT0-tuWWXnuDnnHTN4c8kgPIHmAgIdVCmSLUCffhgpq97ft1pOfjxHad607X2Kt8TH88XkNKVxOhQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24503
last-modified
Tue, 01 Feb 2022 10:46:04 GMT
server
UploadServer
etag
"265dcd1665d78af04a117492c4f0d893"
vary
Accept-Encoding
x-goog-hash
crc32c=UkfYyQ==, md5=Jl3NFmXXivBKEXSSxPDYkw==
x-goog-generation
1643712364462554
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
24503
accept-ranges
bytes
content-type
application/javascript
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D39F
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Feb 2022 13:03:27 GMT
expires
Wed, 01 Feb 2023 13:03:27 GMT
cache-control
public, max-age=31536000
age
91809
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tp_scripts.json
js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/
128 B
345 B
Fetch
General
Full URL
https://js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/tp_scripts.json
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ac24c37aa66aaae9ae2823f9e3600acc7e64a90500b941953ec7cf41d27b0b0a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:36:17 GMT
content-encoding
gzip
age
3439
x-guploader-uploadid
ADPycdsFNsge4lPw_E8vTNzYVZYAH6y2fwlVRDmeBfgWckp_q8RgdYgY1THedcfTaoN1D7QN_PUtGWMcDOrCtqf3uLEktE5w0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
89
last-modified
Wed, 14 Jul 2021 14:01:56 GMT
server
UploadServer
etag
"d1f1b02c898d4ea16dd9e7e8d633b221"
vary
Accept-Encoding
x-goog-hash
crc32c=DLFCkw==, md5=0fGwLImNTqFt2efo1jOyIQ==
x-goog-generation
1626271315986176
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
89
accept-ranges
bytes
content-type
application/json
callback.js
js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/
1 KB
881 B
Fetch
General
Full URL
https://js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/callback.js
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ac138862a6a69be41b3982b059b15218f428f00dcedd7336662167abee0404cf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:09:41 GMT
content-encoding
gzip
age
1435
x-guploader-uploadid
ADPycduWMnfOLFd2qkCkfhQ5utOp2AydgSRQZ3ijuTOViwliz_x5C5ZuENVo7gJwbBAVmwgkV5ioDZknVe6w0F0rnA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
612
last-modified
Tue, 25 Jan 2022 15:19:44 GMT
server
UploadServer
etag
"0f20b8d92d113d98fc99a9589bf4fb66"
vary
Accept-Encoding
x-goog-hash
crc32c=Kf8XRg==, md5=DyC42S0RPZj8malYm/T7Zg==
x-goog-generation
1643123983977424
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
612
accept-ranges
bytes
content-type
application/javascript
options.json
js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/
29 B
598 B
Fetch
General
Full URL
https://js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/options.json
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
396b2258a1c9d4d10ebf7adc61ed3994b7e91bd2ddac80c70cbe59faf57e62cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:17:14 GMT
content-encoding
gzip
age
982
x-guploader-uploadid
ADPycdvXvzgcaKQsFBTrvLSXPYASgOXn37FYYxxVlen2C7S_xhXWVyFHAYv13N4U_Or0sGkyL_NWJSn8zQwWYxZRONKLK1XBOA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
45
last-modified
Fri, 21 May 2021 15:46:32 GMT
server
UploadServer
etag
"10dfec541f1989d8e35bfbce94574e6f"
vary
Accept-Encoding
x-goog-hash
crc32c=xa1KDQ==, md5=EN/sVB8ZidjjW/vOlFdObw==
x-goog-generation
1621611992864208
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
45
accept-ranges
bytes
content-type
application/json
cacheid.html
js.tncid.app/ Frame 7EE3
5 KB
6 KB
Document
General
Full URL
https://js.tncid.app/cacheid.html
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
90010d290a9685edd670686392de1c4dcc585d2269650ab5cd95d3bfcd01274f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

x-guploader-uploadid
ADPycduN8uWfnu-D4uXa9f3idsS9rh5nq7G740luA-w69Y2X2XOvufvW_P6Cuz-DLN5quhVZzyDWuHoGqql2U6QLWN-MK_0cXQ
x-goog-generation
1642084896048279
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
5512
x-goog-hash
crc32c=2lbqmg== md5=fn2VT7+90egeMGbSxMAiTw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
5512
access-control-allow-origin
*
server
UploadServer
date
Wed, 02 Feb 2022 13:51:48 GMT
age
2508
last-modified
Thu, 13 Jan 2022 14:41:36 GMT
etag
"7e7d954fbfbdd1e81e3066d2c4c0224f"
content-type
text/html
cache-control
public,max-age=3600
alt-svc
clear
master.m3u8
playback.brightcovecdn.com/playback/v1/accounts/6057984924001/videos/ref:9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943/ Frame EA80
7 KB
7 KB
XHR
General
Full URL
https://playback.brightcovecdn.com/playback/v1/accounts/6057984924001/videos/ref:9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943/master.m3u8?bcov_auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhY2NpZCI6IjYwNTc5ODQ5MjQwMDEiLCJpYXQiOjE2NDM3ODEyMTYsImV4cCI6MTY0Mzg2NzYxNiwicGtpZCI6IjFmYjc4Yzg0LTE4YTYtNDRmOC05NjExLWM5MzNmMzM1Nzk0MCJ9.om07lc6x-nohISrERJ2WzYl9Ei1zDnwNQiVG8BU8-90Vr4rb90If4xdDRAepIII8QA4_s2HtXwg2epdG9MagZzHebiH2PLbKS3PJ1DYwa45TY5-VWrv9B9ZQFBDeJuX5DAWdV2laMJJoNvx72_ZWaITImt7Nfvhzjpf-7ODsoXGkAVk7cBg3w2TFm0ecLOBi08I2CUaUTBA4Ntnfbkvg6yRo0A45D64wYPFry7krtiFAqexYjymAiUBmJA9KGDWlbuRPO5xtZPrVP5lE7qmrQDFtBHSK4aLsZNhSmhtVxiS834ckEa6O9mkuwEIrW5UxjL0Xz4a2ckxIxEHVb_Zmmg&fileFormat=.m3u8
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19f5176ec241cffb3e67c18d3958ddba74a5d7e730b5bb56d62e636d756f205b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
via
1.1 varnish
bcov-request-id
06a64f24-23ab-4289-a369-69e38ba79e12
fastly-restarts
1
age
0
x-cache
MISS
powered-by
BC
content-length
6864
x-served-by
cache-icn1450059-ICN
bcov-instance
unknown
x-timer
S1643812418.636009,VS0,VE139
vary
X-Bolt-Device-Group, X-Bolt-Request-Continent, X-Bolt-Request-Country
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
powered-from
ap-northeast-1a
bcov-debug-cache-stats
unknown
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id
unknown
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 488F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 14:18:33 GMT
expires
Thu, 02 Feb 2023 14:18:33 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8DEF
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee60625ba8a2fd9490a733f6b2098cddbbb0b7a97928735205e89130bd3e5b3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vDmlyFO8SSZPNk5aGbHALA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Feb 2022 14:33:36 GMT
date
Wed, 02 Feb 2022 14:33:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vDmlyFO8SSZPNk5aGbHALA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
pubads.g.doubleclick.net/gampad/ Frame 24FC
23 KB
5 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&ad_rule=0&iu=%2F20346936%2C21840057494%2Ffluid%2Fperformance%2Ftotalrl%2Ftotalrl.com%2Fcarousel_16368&cust_params=tS%3DRugby%20League%26tSS%3DOther%20sports%26pv%3Dv220124%26dom%3Dwww.totalrl.com&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.totalrl.com%2F&description_url=https%3A%2F%2Fwww.totalrl.com%2F&correlator=2974876612781615&cmsid=2539756&vid=9f7fe00c-8eb1-44b0-9e76-4fc6ff2b7943&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1151059073&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=C3BC6B45-E6D6-4FEC-B907-3586D786F40D&nel=0&eid=44737475%2C44752052&top=https%3A%2F%2Fwww.totalrl.com%2F&loc=https%3A%2F%2Fwww.totalrl.com%2F&dt=1643812416969&cookie=ID%3De8291dbb01f33a34-228ced4532cd0083%3AT%3D1643812415%3ART%3D1643812415%3AS%3DALNI_MZdGKzoAEaL-Q509c1BXQJGwmARng&scor=4334701829540984&ged=ve4_td3_er1089.1115.1245.1415_vi0.0.1200.1600_vp71_eb23144
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1f6bae641f15dc47614f681338bcdb83c4de10b413d593ff93e53ea89e8978e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4376
x-xss-protection
0
google-lineitem-id
5884753623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378465351
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js
pagead2.googlesyndication.com/bg/ Frame D39F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:53:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
5986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13749
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 12:53:51 GMT
tp_scripts.json
js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/
128 B
158 B
Fetch
General
Full URL
https://js.tncid.app/78b8a63f-adb5-4221-b3d7-fbf255fde0d0/tp_scripts.json
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ac24c37aa66aaae9ae2823f9e3600acc7e64a90500b941953ec7cf41d27b0b0a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 13:36:17 GMT
content-encoding
gzip
age
3440
x-guploader-uploadid
ADPycdsFNsge4lPw_E8vTNzYVZYAH6y2fwlVRDmeBfgWckp_q8RgdYgY1THedcfTaoN1D7QN_PUtGWMcDOrCtqf3uLEktE5w0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
89
last-modified
Wed, 14 Jul 2021 14:01:56 GMT
server
UploadServer
etag
"d1f1b02c898d4ea16dd9e7e8d633b221"
vary
Accept-Encoding
x-goog-hash
crc32c=DLFCkw==, md5=0fGwLImNTqFt2efo1jOyIQ==
x-goog-generation
1626271315986176
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
89
accept-ranges
bytes
content-type
application/json
01_adform.js
js.tncid.app/
2 KB
1 KB
Script
General
Full URL
https://js.tncid.app/01_adform.js
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ef5cb5659851cb365a92732c1140de8ec3c208ce097dcb641fef73c996959f32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:32:50 GMT
content-encoding
gzip
age
47
x-guploader-uploadid
ADPycduKU3pXvCV9mmhqOw6GqIekpvm1ZasGGZEx9QzJfLqJ3tYcjEkIDqPrs1gVnvw6xy8laqBYxhFpTPfjVDh2qPpTzkekAw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
793
last-modified
Fri, 10 Sep 2021 13:10:41 GMT
server
UploadServer
etag
"f8e84ebff52e2e617657d7e8695b73c8"
vary
Accept-Encoding
x-goog-hash
crc32c=/eANaA==, md5=+OhOv/UuLmF2V9foaVtzyA==
x-goog-generation
1631279441780045
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
793
accept-ranges
bytes
content-type
application/javascript
05_liveramp.js
js.tncid.app/
2 KB
926 B
Script
General
Full URL
https://js.tncid.app/05_liveramp.js
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.250.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.250.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5e7c700786c63938365fc5981756851eca661a1a953d6f11177262a4a8dab691

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:10:53 GMT
content-encoding
gzip
age
1364
x-guploader-uploadid
ADPycdu1fFClvwj4l-barwGHXDI-3oFjQrILly6cdZLp7vul4DUNjDTArZbDDvnYGFHAjbRe2IDR2S8iTws2fN0G4ST0k9AAaA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
666
last-modified
Fri, 10 Sep 2021 13:10:41 GMT
server
UploadServer
etag
"79791963fc5a92426ece9ebb69bfe481"
vary
Accept-Encoding
x-goog-hash
crc32c=KwOabQ==, md5=eXkZY/xakkJuzp67ab/kgQ==
x-goog-generation
1631279441800378
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
666
accept-ranges
bytes
content-type
application/javascript
rd
dpm.demdex.net/id/ Frame CB85
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105
364 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/adobe2.htm
Protocol
HTTP/1.1
Server
52.211.244.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-244-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b8df1f23a285394b8e49fd7fb675fff923f973ca54874248e1b6d8ebb7b4fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-0b8f90721.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
7pitazb6S7Q=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://cdnb.4strokemedia.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v027-095f9da51.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://cdnb.4strokemedia.com
X-TID
LH+yA1y+T24=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1A124673527853290A490D45%40AdobeOrg&d_nsid=0&ts=1643812417105
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame CB85
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/27331c16692c/b700d860f0cb/launch-0bbb5b9336c2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://cdnb.4strokemedia.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 02 Feb 2022 15:33:37 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame CB85
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
81 KB
29 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/adobe2.htm
Protocol
H2
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 14:10:54 GMT
server
nginx
etag
W/"61f1566e-14282"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Wed, 02 Feb 2022 14:33:37 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
container.html
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3A16
6 KB
3 KB
Document
General
Full URL
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 14:33:36 GMT
expires
Thu, 02 Feb 2023 14:33:36 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DEF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220131&jk=3287223837664&rc=05APj96hT-zk-6ldXtCON3HnQ4yeZ-izL5jv6GLfjFs9PRBwgWq_CmxhimvN_riY3qSYNXiHwoqURSGj3bhsGoYNiEq9rNEiMlS82OnAGy9IP0npa9-hrICiDmXsAqm--HLBuzLJbjZx2GDpj_UJgwU_qsQ058d9qX_W3eEM0wdFyXjNU9-S1JOf3pcuDz5Uxa6SW2-t6hx30ITigKKbjGjHDrtulgQ6eFBnrdsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
pagead2.googlesyndication.com/bg/ Frame 488F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
22282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 08:22:15 GMT
file.mp4
r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 0DAF
2 MB
2 MB
Media
General
Full URL
https://r2---sn-h0jeln7l.c.2mdn.net/videoplayback/id/02e0aeb5f1637a1f/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3786858446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A65921466D7EF8A3A5060A4CEE4F4087EA9EE40.4723F1C0CB853E409DB38527C3B6010D77B75D10/key/cms1/cms_redirect/yes/mh/EH/mip/2a01:4a0:2c::10/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1643812161/mv/u/mvi/2/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:1::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
99d92eaf7d593c51fe87df4cccaf87125a40d2fce3379437ee8c599620a719a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2156718/2156719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2156719
expires
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Mon, 17 Jan 2022 09:07:20 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
pixel
googleads.g.doubleclick.net/xbbe/ Frame AC77
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Feb 2022 14:33:37 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3A16
13 KB
10 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWNW7lTzVjezbGwJMDjWFgHE3t-Y30uvBFl_My1jRS0Mfsv1pR_9ktl2JXge7y3NSAW2_p8IuXn7wRfLeKXIgIGb_KSX3-S5Ca7t0W-qwPvwnQikZZ-5qx95x0BBLgPAmXfwTtR7L8wezGFLHsNTCyH4m1QQ&dbm_d=AKAmf-D-yT-sZtpUiEu0zQdlGd9rknVLcwXOhhJfTaK15dFvAACHEIumSvq9ItYp2XChUZGF9KLBDyNFDGnj05yTV6ny-fwLT1ThiCwG-TrZ7IzEuKWItjwFzssBKRXUL4oIBNhAx2_jcC_CJQO3oIwKvbnlVWBPqgxXzD7PC4j23TsNpvwmK_gf-tyPhQTZCzvamGUeonxqR3sGqwykyJkRxhJUlmUpiTx_1XW9GSaQJe9hiBge2s8BM5iBTPY60leHGdRrWSN6MHU4zarfBUg5jqaYiHgjeNtsdTQ8e-10Tv_HfRpKRtpiLU3X-829FSRFveXygvLs6DGSqP7A3NGATrqRe5vSIO_VxsJ68EpQNc0Mi4F5VyAoMOcnXHXJSdsMqh5_POHSyxjU2hzGzAD-fHHwROdVgdK7hAa8YBKGaEJjZYnx3ZAOfIcjPFE54jaDej5cRb4RDO8sKOgZYrTDxMBlh1azrfN2t6GrtoXtmIpfkygG6s-BT6yyJeNOdbDGGFP0QXjYqDheNLGg96el8nw8P-wEYoKoXVgIxz_wSi6p5bbNHISVF5trBQDDipbdcq99fom7gvfpfupRbcNLAJwRTBbr85NT-0RM60KjynystvM56yjphfZpDE-GOX8CcXtwfbgwmSFsMRV64pBvXrooR6hLZYuBWt7QM-Np2yMuxklWm6VYA0IIgwBY3h-ecHUPVDRAYZ80JeModanWWw4cABMDq2pDG25LcoHDKczvfRi0u4QbDA19g0_TI8D1TkW-qEOkXA5t9RG4lq3JQUlz0Od6VpmXKtMs14Q0reRC_Af6utUisOjxKd_cuKCtx5QruojNpiHuroSHVXjbnc5i7vw7kG-C24JJTSnGAhr9ji1IWHxUU3ISaOmCroMPf_tFFhJsD6jdF3rl6tkL8FSyRAwY1dd2H5qVVnLeHr6Edo-S1brLOHdpB7f1w7zOnCbjh5wBeTfhT23lRT2YmIahrNPq0nS_9ks47pU-R4biDMt2HADbZxfJUA-GHWLTEQNof0hx8R3ecvnUFP-TOV1Do1gltO2v28br43fRex0FfHGssaPs1UbVNI-1EN6W0PVIdta2M20hioQt1S_iinVkrMR1ggQZOyaj0lB5bxOZYDHJ8IITGw-UZZzaLIKD46F-uvbI5LxsebeT7YXUX856Zv1bH0fvYas_najIoDr40FxUakGgc42xN-SvzYexouFzb-LvZzVa5IKCn3cTrydTeaaUFeYBtgf-pQvrfmgGPdip4t1IMWDS7Hx037pvcj6zTBZm7MFYoSPe5zuQO9T_9B8F4Z2dXNt553hPkzmPw22Gtcv04W8dOekqXwjItlM0inYzmePdfjR-lBEWidcSwEF4DS0kEccLyRbKtz6yJnMmjpuEV-i_FOELdyVziVSwzFGdQrGIy8T1zPOJIPDR4LpF8SnNM1h6e19ZtfAJAtin_xzO-wSMsmfPbHm-75X_mVTy2F7Z9mig6VHIkedAUfCM4BRN9xy2iZXAIj54s5Fm3jr-SnQ4jzuHqL-CgqWP0qvlgoQKZqSrNoLBYL4nqfIiLoljaEOCbgz3cOztRLd_mGgzoACaddleJ9howwuVxBRDhoZHcghBZTD9wMNkW7yM20tGcWkxQPsdIT3TI187i7Zr5p01Hw4DwYx5nuQrZZ_28SScKNvdoT3j0bgvT-bHBQMKYb9TG-Sg1_DaMs9qs4RyyGWUOi-Ifu7KQ6OMIPmv8ZIvbXjJ-uo7zubxZgQjKF2ZCmjcwhlzmJuyCUwy-Zk-me5MRb5pnfS9kMJPj1GQc8iK8qU84fMfZB7bCyH5CI9mmzCwQ0TF6ji5G4UhGwdQZZFTGar01Y4Ihprle_dgdnAzWH_sNRhj37i0PW9kUstnt2WBl67s4w5H1mWLKdV6MxYdGw0NeOkT6VTDE9MI1N5EkiD5-HnlvIkM0LrhIVBNkDVl_UyL2lfVo30pLhWGoxU706aiPKChTPf8gokwFlAHmW8sTk0p4dE6bc40DOIi3GJXdmcF4KEt2lZZw-w5ve5PF5vvDroVxOvQH12hdJUln-cEUJAz1WNVCbmTdIrV4CrtqMi9z4dfGeKp4hTSxczvpf-QqpkM-OTgd28ZnZT4gZquzZbKh_nAJwK4YCOfCC0XHinxz_ZQrZqlkXyKdj4lIog7k63Ql1kAZbk-1ZLUqID2hK5YRbWldhXP7cSU-UXynEo9MJzqZRktlVld-MdZkeox28eULwKc5ZgbxAiYqEmRnLU2Nj-uiJTZ5iCMpf65eBtEvxwpy8ah5ddrgK5bePzaYAIhCjJ5WIotY5zZiY1yPBt8E5KVYqcBSOlgpbGfShPyLYzBvIWxVqPz9URtwk2oxyJxthWejCjm8rQvyhH3uOa3C1ShdUzhU8jdPszziu-vc3lGNb8bl64Aung7eorwuM5cFm5wze2WAezxd67_jJ0IVcmGq914Frh1-DuV3LFTPSQoXHiscTL6D7DbYFNRWvR__Ayc_8XhxHczSYghwzp8RNolbBaZZyLiYJrIPLuQXWQc8SbR2SNN71TNfBnF6iybUNA7jsJ0jA4KCg5Nhkoz2mzLcGsEJlxeizOQlA3sPcG0cpy7HsoWZqyt3gJAP34HE6en1UcrcRj-2i4sler5IInPWHE0fxzlChtBfwZAsWZ0qYsAGG-fju877HiurqInutiVky9E21QVOJzj_h8oEyE_OTIUCjFvnGVbqjUTBFyYNqI49SE&cid=CAASEuRob0FHamGDphZK5IOTpIH6BA&rfl=1%2Chttps%253A%252F%252Fwww.totalrl.com%252F%240
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f5448c4ca19c1af049dc5d9f4e44cfe0b3210c3bf0f4b4db12b51a6297e6eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9951
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A16
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpnyI5TvF9cRbDISaD-awBPqf0qUNtjZuVlYe3EXVGjLGhGEEzVf6tLwBLAXazjgiUevRhom9DQImXKgrmquHP7hbRhdZIlxERI1lOBgMXF_WwjIQ
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 3A16
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 14:31:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 3A16
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 14:31:10 GMT
l
www.google.com/ads/measurement/ Frame 3A16
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEc6ilzX3iDDoSlvLM-yojQWnjwD_oS71NUC3RHLCc3_NRQtgSA0wCO_q5B_QdEdyh1eZ_Qc-Q2xO2dybpHymrMlx6FA
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A16
123 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 14:33:37 GMT
pixel
protected-by.clarium.io/ Frame 3A16
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fqtdlrpi&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODQwMDU3NDk0L0dHSjVETS9HR0o1RE0tRERILkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTVhNzlmNjBmLTA0YWEtNDU1My1hYzRjLTNkZjc3ZTM0MzdjZCJ9fQ%3D%3D&sb=undefined&cb=7539164&h=www.totalrl.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.247.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-247-85.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 24FC
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kz5ngyfw&c=2633743878419&slotId=1316871939209.5&qqid=COfixrme4fUCFZD6dwodhNUGsA&gqid=QZb6Yetf2a7eA_XstOgO&fb=ima_html5-lima&sdkv=h.3.496.0&mrd=8&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=11&vhc=0&ghmsh_eids=44737475%2C44752052
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 24FC
0
23 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspwngNpAMud4YPqZNrKZb8JcoePUbQmkOaNc7Vi8gnh67RLfskHve6MG9qSoF541-txIH7NjnNUUf4vIs9OVbxND8fj1ebR5t2ptx73P6KsFW9jd3O0Aiw2Mu5BaXBf-Ynya0IVxd34sgo3oh_rELAhM9PgWLrd0roQ8be_j7QNfz5fSKGe3iopOpZ1XiWaXKXA-2y9rm1eiJbRd2wnKCycIReXQKdOdMo0sMMftit65yPqaoip2aK9dZh8VRGYLJcEcSc8v-lrdA8z_9_T0LwuU-HlD-Deogh4zUmZWsDl0eBXab3u1ncxZp4YI7uZBfFP8YbX2WZcoQzzXMPcH6y-xpjwqOncPMoPR5TE3UOPcU01poyISY6&sig=Cg0ArKJSzA4su4of_FQTEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.496.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IoCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9QABgB&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~kz5ngxsi&c=2633743878419&slotId=1316871939209.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A16
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Feb 2023 14:07:57 GMT
rum
dsum-sec.casalemedia.com/ Frame AC77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1&C=1
43 B
1013 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 14:33:38 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 02 Feb 2022 14:33:37 GMT
rum
dsum-sec.casalemedia.com/ Frame AC77
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqWQYRUodm3ZrwEjRCWFwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1
43 B
893 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 14:33:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECrOu4Tb_qjeGjJ16Re_ys8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AC77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGJPp1Cm_wJIoRhg2ZkAfoI&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGJPp1Cm_wJIoRhg2ZkAfoI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:37 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
853c2e9b-cc68-425b-8c97-1c026f8057ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGJPp1Cm_wJIoRhg2ZkAfoI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC77
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA2ODkxOTEyMTYzMDQ1MTE3OA%3D%3D
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA2ODkxOTEyMTYzMDQ1MTE3OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhj-j7p4MAE&v=APEucNXdZFxncfbLn2k7Gz-XV5IGN14Mr7JoYIkxDwdUAY8cWta6RVZmXSV0s3HWMuNF-bG2juLgdaFE-dW8pWoWf1EzXxaqT1qjlkWILsVT2DupGkr9fbkIBLTUKPSwGcJgaO24HTGfGk1dWTQ9UG4uAkeCedFvRRK2HI7SRZZRHVTKNY0BiTQ
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:37 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
71939186-d405-43af-be61-c2bb284fa7e8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA2ODkxOTEyMTYzMDQ1MTE3OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
file.webm
r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,...
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/ip,ipbits...
  • https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/aca...
34 KB
0
Media
General
Full URL
https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3CD7011036201A15EA27821445A9F048ED55875D.3962C977F9E5742DAB0EAB31CD09AA4D43420D7E/key/cms1/cms_redirect/yes/mh/_z/mip/2a01:4a0:2c::10/mm/28/mn/sn-h0jelnes/ms/nvh/mt/1643811671/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Server
2a00:1450:4016:7::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 14:32:14 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 0-2899214/2899215
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2899215
expires
Wed, 02 Feb 2022 14:33:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3CD7011036201A15EA27821445A9F048ED55875D.3962C977F9E5742DAB0EAB31CD09AA4D43420D7E/key/cms1/cms_redirect/yes/mh/_z/mip/2a01:4a0:2c::10/mm/28/mn/sn-h0jelnes/ms/nvh/mt/1643811671/mv/u/mvi/4/pl/48/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
693
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsi.js
z.moatads.com/pbb847483933/ Frame 3A16
44 KB
20 KB
Script
General
Full URL
https://z.moatads.com/pbb847483933/bsi.js
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65f16db16de18a47fbd856c4157d1ddeb2be3e294e00150b01159e08b33a5849

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 15:30:31 GMT
server
AmazonS3
x-amz-request-id
E2MDXEXN9QPGRS7Y
etag
"1d690f9ccf4ca7da7291be8123505e46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=52116
accept-ranges
bytes
content-length
20589
x-amz-id-2
9fpHQhzWQcEp9+Be5J202jRHQ1xpwwMJTKbVOD0UyT/rj5sjPU6KSZKQGjrZrA0j8UVZpNKbroA=
dest5.html
skyit.demdex.net/ Frame F7EA
7 KB
3 KB
Document
General
Full URL
https://skyit.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/27331c16692c/b700d860f0cb/launch-0bbb5b9336c2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.101.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-101-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 2 Feb 2022 14:33:37 GMT
DCS
dcs-prod-irl1-2-v027-0f000680c.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 19 Jan 2022 14:02:08 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
F4tXtm+mSlI=
Content-Length
2791
Connection
keep-alive
id
smetrics.sky.it/ Frame CB85
48 B
514 B
XHR
General
Full URL
https://smetrics.sky.it/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=1A124673527853290A490D45%40AdobeOrg&mid=13549180551071825570864908283195552139&ts=1643812417565
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/27331c16692c/b700d860f0cb/launch-0bbb5b9336c2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
5e1f4bf959be40d3ceeec669ecc7ff0fdc02a1a5d0c25268d3c6cbb06dddd555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdnb.4strokemedia.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-9wg6r
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://cdnb.4strokemedia.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YfqWQQAAAKIJ1gP0
dpm.demdex.net/ Frame CB85
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=21736693000665342020065033899279355244
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YfqWQQAAAKIJ1gP0
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YfqWQQAAAKIJ1gP0
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/adobe2.htm
Protocol
HTTP/1.1
Server
52.211.244.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-244-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdnb.4strokemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v027-06109432e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fJArNmIvT1Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YfqWQQAAAKIJ1gP0
Date
Wed, 02 Feb 2022 14:33:37 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~kz5ngyx2&c=2633743878419&slotId=1316871939209.5&met.4=hvd_lc.kz5ngyx2~hvd_src.kz5ngyx2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0DAF
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kz5ngy2h&c=6168721154837&slotId=3084360577418.5&qqid=COnN4rie4fUCFcoJ4Aodl7gP4A&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=951&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D39F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B6oH-QJb6YdWWI46L9fgPir2SkA8AAAAAOAHgBAI&bg=!QEOlQwfNAAYZkRhwGZE7ACkAdvg8WqoYIedHIF1PM2nGpmLSYORi7o_Yl5geOM3-V4QwY_SY1m9dhQIAAAFxUgAAAAZoAQcKAB6dh4h0CbWYtJ9OaJhIihTSHrh7fk7cHFAY4-tG6AuZAvCy6RneRMkIZkyrDBonklASBc5Lj7dWS8J1zIcnHxn5tT6A4foLjohS8wsvqjOEZeWZG360X37DUMxCGFe7Um9D8gEVuXkol7VeUDtdtmaLUnoP0zXQeT3znPQtaY9RSX3dboo7K-9ovwCv11Oiqpc6yFT6qmX1fXDq_IC1WKvGmE7ygehzgg900l--H9aBq6HayL3-VT8YJrVSj8kLeb0FVcKOteUvemUQfshKyu9ZmCPorRpss_lAffWLHwe_SEMexl9CwYIRCI7TxR-QMT1uARFgQJKjYqjueIVPcOXjCRdZzA8CD39cc-lAPkk69ofC_MDz1sstsIiW_o1sYZzjn2qUaLKl7EmxPumIBhuoxJOMGNvx9qreXTISmnUHSkVEg1gprZ-9gdTdfDpvcmOBewLwdS-FzSZ2Qvn0_eM6ZQwW97YN82b_Nr5Mgz_73idI77OidbVGELHXHBbcjd6MfSFESit9ALOFIpvyRHoobQT1Sd-NgpHSxqA_BsCFSo6ZuyMtKN1OsXzep44bd8e8O9OgPLN7jvyBFCmYX6ZJ3u7HpgIrOdvwfY9hh7837V0OZrnrCov8UpC57VX-DSq_nN65FwZsOhkBmPfgNH2KT7mtP5_P_-gCNDjqUHV_826sDBNxvszJVQSFlX7OXHgSAUoQEzeYzDhkMymqast9zj11KWzPsM6_pW6NN3ewIdBN5UYmWVuwhleLetHxCRxZgESKSZ0DJObRRkr-41ZllJyS_y1uBdF3JIobT4dc92ZXWj5nbUYFgBhk4bfkfU6IHiC_NkQsbeE7_zpDgZOOeyDmX88KoHu3y-dsEA0TWXfi3Z88ChghYQD_YjrVb70OQ5yfAolnfl_TOVua39pQHOtliuW1FZ2AWRuxFlYCezMgJoIVzq4fBSwMVFD-F68QYydrOSSPO5jqqY5eHBdpDtGeq2RvGlV1i5GY61ouB_EFS3X73at8OjPJWPxOe1Ij-kdTjCjA1d0J9aJGkYXeOQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 15AD
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.totalrl.com
URL: https://www.totalrl.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 14:07:57 GMT
expires
Thu, 02 Feb 2023 14:07:57 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
1540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 488F
0
0

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220131&jk=3287223837664&bg=!X1ylXBjNAAYZkRhwGZE7ACkAdvg8WpcnoSip3AxoywagjOcuHVC-hTEpXuxYuSfni8Mr3W6uJgkcqQIAAAEQUgAAAARoAQeZAuFNaOS8m1rwmPJNZWz4oQVab3VZzC5UjfsVHx9S1fPSdK3ZNyW110ax9G2Cc53Ab309UjLX8RTz2EzikFdVvLY7UFIOhMSFHXUMS_pPV1dvNwU2hfVfxZXPd9oWy6b-Bvy-kg-ake5u2NIFaxOcYgBAxtrL8GxKLuFjGTwSOFur4lWE4uc4nxpfNoSWiP-nhyg_1QUoKxmxZLFRxtRERTItZrYgJqiiJ9sIWJEP8zMYHhcZhQM3Mfbykanu4AYJEFDpRYtWICBAeTaP4rISPVqC_w3U2eMX7wbf4TESPSN8uzBqVsFCrXM0UnWLQomcrvExx9s1bc5hFH1_Sb-rTIdcdwPrghE5bwJvQ8wDQgyxnJVX6Byx_UugvBIQdSbYtRyTQD-nGV26kykFXgwytsjbz-xZv-NpG4sybIncPup_q2Wdp8Y8eD6yf9UEkn_rUfznPgsxbI8hQfUBC_5R_Nr4mGMmipX8LFyqRZZ4Xj20jJNkM--APsVzg29NWCj03tmzIMR00acihob65dNo4NtrJbTcOwLocN_4B_mRAdpFQZxZ5s4bPvO6VMr3dyxbL9hAM96NnVC5eb9Dy2w0SYvoZRrdvwdVBcMF8FVO53TaiBBFkUIPXP0OqcE23EWcjc4WawGgngbwRid9EM56R6r_GSmqjhc39FD6bNBY8osQTRcxUY5K7nURBcGo3kxI4mFxSwuGO5H2YQV2WZ8c4kaC5_WsyeAhcyuda37snoiTxP3KtPjH5Bo7hopb27JpugEY0_comjmwta5n0o1avGw8c-jV7GaM3C1p0wLNRB9cWo6hReO9Y4Gp220Rwg4b3VwRRpHS6QdW6QyarZRn-ezcUlbhIWZBeUnS2HTeqETDFi65WLD-sVbun37gaN7inPI2bkVdL0rsvmIkDEmPL2c08kQrV98sAm9A-aGHsJU8jenx8VOx2ConMH3Sq4j8sB5de_mJ1anxJxBfnDh3V_gj_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
pagead2.googlesyndication.com/bg/ Frame 15AD
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 08:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
22282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Feb 2023 08:22:15 GMT
a.js
mb.moatads.com/ Frame 3A16
315 B
490 B
Script
General
Full URL
https://mb.moatads.com/a.js?callback=MoatHandleJsonpResponse_30120629&url=https%3A%2F%2Fwww.totalrl.com%2F&id=0&pcode=tuiukftdisplaybs288007166418&level1=24411788&level2=5549275&level3=277843234&level4=252610558&tv=503c7d4-clean&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ifQexRkFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.115.229 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-115-229.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
b750d11b7b319a0240584cee576adec9eb21abae2dedd7e1e1d1a7e65bd19a42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"553370ff927f3324e8b618edb4b875a1836c2bee"
content-length
315
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&i=PBB_HC&d=tuiukftdisplaybs288007166418%3A24411788%3A5549275%3A277843234&gw=tuiukftdisplaybs288007166418&bq=0&de=63320216&t=1643812417849&ac=1&ar=0d6bd0b-clean&oi=4&na=1324578556&cs=0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:37 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 36C4
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 02 Feb 2022 13:26:12 GMT
expires
Thu, 03 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
4045
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3A16
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2badc7d78c63a9353041f10f807602152bde5d497ec1ffe7dd612ad63fa1bd8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/1c1e2675-fe97-443c-929f-985f5e75b078/6s/ Frame EA80
4 KB
4 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/1c1e2675-fe97-443c-929f-985f5e75b078/6s/rendition.m3u8?fastly_token=NjFmYWVlYzZfOTk2ODhiZjBlN2NhNDMyMDY1ZTE3NTgyZGU3YzI0ZGM0MjBjNTVjYTdjZjFhNTM3MGQ0YWVkZTY4YWRlYWNmMw%3D%3D
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
b7acd9fe5bcfb5cf54a4917be380d8050b5ce5c52cd6c61b0315bf5b2ad5a758

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4013
x-served-by
cache-icn1450059-ICN
x-device-group
desktop-chrome
x-timer
S1643812418.124144,VS0,VE398
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/6s/ Frame EA80
4 KB
4 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/6s/rendition.m3u8?fastly_token=NjFmYWVlYzZfZTE0OTkzMTkxNjEyYzliZTY5NzE3YzAwNDNjNzE3NTJiNTJhYTRiOTE3Mzc4N2FiZmM1MDJiYWQxYTYxNjQ4OA%3D%3D
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
956783dc8aef72febb6ea0b7369c0d564d578afcbe4f4b9eb7876a1d7a360e3e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4183
x-served-by
cache-icn1450059-ICN
x-device-group
desktop-chrome
x-timer
S1643812418.124408,VS0,VE280
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 36C4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMqE180UHbKtcUswxmtdVoA&google_cver=1&google_push=AYg5qPKJ0HLb4c5_YG5EGKRMgwXWqr2YKVfjHkWeT3aYWuW4QRMkvtAwX6SfwqirK4nnF02zjER-9a7mwS94R7CuNqj156CowGg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE3MzQwOTQ1NTM2MTM2OTA4OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJoqAuPE2sVQO8T0DyDrUQc&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJoqAuPE2sVQO8T0DyDrUQc&google_cver=1
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJoqAuPE2sVQO8T0DyDrUQc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 36C4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_khhgP78f0VQnoQXKJGLs&google_cver=1&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojSt...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_khhgP78f0VQnoQXKJGLs&google_cver=1&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQn...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q&google_hm=tbzUJioLQEiF2Ak_Rjt2OQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q&google_hm=tbzUJioLQEiF2Ak_Rjt2OQ==
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q&google_hm=tbzUJioLQEiF2Ak_Rjt2OQ==
Date
Wed, 02 Feb 2022 14:33:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 36C4
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEN_HCESxoSH0k5Za_f6RjbA&google_cver=1&google_push=AYg5qPIgjuSHRe2UbqRj56S35ZNeFMEY0mHpv6vEQVt17rMZOxFr8nigoRSNdsqwGoAH3JQieCdM1UbmCzGvAgauJAZt7qvcWg
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Feb 2022 14:33:38 GMT
pixel
cm.g.doubleclick.net/ Frame 36C4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XQWfrO8qQ9eWopRub3HoYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XQWfrO8qQ9eWopRub3HoYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuc7H-qQu-MXJ-wYXW3THjOnm5Mpqnu_bgq1u16LdcMiYbU9TOtxux4DJjqszD9CFis-pqOi230-bZ9J_8QQUI50FxMdA
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XQWfrO8qQ9eWopRub3HoYA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKuc7H-qQu-MXJ-wYXW3THjOnm5Mpqnu_bgq1u16LdcMiYbU9TOtxux4DJjqszD9CFis-pqOi230-bZ9J_8QQUI50FxMdA
date
Wed, 02 Feb 2022 14:33:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 36C4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMLoRs4JWU4ojxu1fzF47Yk&google_cver=1&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j602...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMLoRs4JWU4ojxu1fzF47Yk&google_cver=1&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh6...
0
0

pixel
cm.g.doubleclick.net/ Frame 36C4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa5r1BmL4-n5BSPHGZApdE&google_cver=1&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY4MDYzMjI1OTQ2MTY0MDg4NjY1NA%3D%3D&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4Iiuwk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY4MDYzMjI1OTQ2MTY0MDg4NjY1NA%3D%3D&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY4MDYzMjI1OTQ2MTY0MDg4NjY1NA%3D%3D&google_push=AYg5qPKjN0thI6_A17JW1PRk1IZHcYJr1CbTy3YSd9qmSgfbJz4IiuwkG0MEMsALCIkJkeSzR6WJQMEfo-xg3wW03YmLKwfeyN0
date
Wed, 02 Feb 2022 14:33:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/sync/i,19/ Frame 36C4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENj6IbkS_do1p9GIqU6y23U&google_cver=1&google_push=AYg5qPIiG_m09tNwg0f1kgHro6QpEaSiH-Ct2QKeoCL82KEtE53sAjGz_XAJLK1rhGFTGVaMPuvmHXbLw6c...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIiG_m09tNwg0f1kgHro6QpEaSiH-Ct2QKeoCL82KEtE53sAjGz_XAJLK1rhGFTGVaMPuvmHXbLw6c524vaSZ7SZmf7ByOF
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B
Image
General
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 36C4
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNoha_pyI46nyya1F2fq0EhFoH6f6qncCoM0jctizsuRoHb21T0krBADE7Mwu5ZdflioH31g
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 24FC
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kz5ngyvx&c=2633743878419&slotId=1316871939209.5&qqid=COfixrme4fUCFZD6dwodhNUGsA&gqid=QZb6Yetf2a7eA_XstOgO&fb=ima_html5-lima&sdkv=h.3.496.0&mrd=8&aab=1&itv=1&gpm_i=11&gpm_c=10&gpm_a=9&smb=1000&br=720&mt=video%2Fwebm&vs=854x480&webm=4&vp9=0&vamt=video%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fdash%2Bxml%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=44&vsrc=dclk_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:803::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15AD
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYi_PQZb6YZyBF7yZrATfrp3ADQAAAAA4AeAEAg&bg=!8fKl8rbNAAYZkRhwGZE7ACkAdvg8Wqs4w1OqT1mTU9bDWYtuYeKhKvFAV9gaIlkHGjyZzXaXnaU5QwIAAADXUgAAAARoAQeZAvISTktQtQEJlY0dtmuIgAq5pkChW64NO5rwgXS7AqauzyT_ahHg_L6K-arnJrpvfbmKA3wjanRt1RuXUu8DB4ZrFsKI3DGBM0JTyRzl7hSVWA4rc4ftt9kL5Z6xVXkDw4uJ5NkCTj3z2XuTfuq26viGDtgDZcgr8PpDMShCNcjLKPyVs0ZDo-XR6rM3pSFCu2_-SDFmIrKkvYGonZWKNJ1wrOGOjuRf84Is47DSTMZKHbhcmf02OMbSbfrHOC45XkXLyrW_kQ_r_blb7uf8_DiOmn-2mETSkpg-9U4UDsVprRMg16JyTtf_YONTqJD1zM8BLookXJNJ2mmtN7CogTNnWrbAlNYwMPVXucPHMU52U5G_4bohAQ1mpGym32osX_CvR0KYk4fe65FvBJFZYFVyLfTWap0I_y0q5WkEN44dUPsYj9b22suM84SkDzZ50GJgVjSZAKHmntmGvUSkm1VnuVM7eZFUbCpUgzcTDPRq8nnyJtepey9QsDRCG1yJpK8RMiuyNpzvu1BdWpg9dG5JAJOgUaVmu8N6bf-y5f5c2dG0a30XhHeQaGT84bk4XlGIgsX8pwh57ulsBfbP3LrTudXFNANVQ1ia1AeiInPWQmxuYGxJfckqoxsWvXlV7W4YXTq5eCMF1ysKGbmsJNeGBpExIjlq-t0FoYhKk5iGDwvGjud2TvdSpvyEiZd22EyZ0UCHxeAUc7c-7ZD_w4PlmEHUbtfZhR2k8db7fM8Gpf0c6DL9592FlaRsw5FpvogqdcUVHX0XcnM_VeTE8e6kxq0XOHeKWhdmbNXrKRJwTI-CFdTDPIfG6k4dsPIox3iLu7z4K5qlexem6QoaO4GXAK9uXa9t-n_zo9r_5JO9OC2MB6Ylq6ddwoGvmF5oeX_H1bsVb7jeN2HY4k6RTFk0zW6lD2ct1NT13SiwdVsR_i5JOyBRE0jWQC34bWZjRLY0x5wzyTHc2UquXPSQ1V2CCaEnWnyg_iUgWlf_BAwAlNiY
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad.js
z.moatads.com/fallback/ Frame 996C
200 B
465 B
Script
General
Full URL
https://z.moatads.com/fallback/ad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Mon, 11 Feb 2019 21:49:15 GMT
server
AmazonS3
x-amz-request-id
8FAB8DB9E5929BC2
etag
"91b3c96c3750422ec5dd1d7c37bc9c00"
content-type
application/x-javascript
cache-control
max-age=63325
accept-ranges
bytes
content-length
200
x-amz-id-2
x/W1uaB3kPSlKurYiyXCZ9l5MmK+gIbwab+TrfNusE3WZ+itPUfURX7fPk7r7CuulEGg7jtKnZY=
moatad.js
z.moatads.com/tuiukftdisplaybs288007166418/ Frame 3A16
303 KB
103 KB
Script
General
Full URL
https://z.moatads.com/tuiukftdisplaybs288007166418/moatad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
aeb31b9c4d7e3a7c32d9af15009f8ab3996e954ea20f60d57564c346b4464098

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 15:45:45 GMT
server
AmazonS3
x-amz-request-id
TP4YVQY4SRBCRBHX
etag
"beaf5a7b448bd71c5a0fbe24b2c44110"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=40729
accept-ranges
bytes
content-length
105000
x-amz-id-2
olFbaPDNyGHCe8IMXm93DTSkyqFOfuVlo1A5b7s/u+qNRPzYoDQzeJUkKlR8cuDiWHNOZnd9J80=
file.webm
r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,...
15 KB
15 KB
Media
General
Full URL
https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3CD7011036201A15EA27821445A9F048ED55875D.3962C977F9E5742DAB0EAB31CD09AA4D43420D7E/key/cms1/cms_redirect/yes/mh/_z/mip/2a01:4a0:2c::10/mm/28/mn/sn-h0jelnes/ms/nvh/mt/1643811671/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:7::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1c1b2843db1a0d10a23114343a2b792ff80cc3e40619c37bdcf62837153b2017
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=2883584-

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 14:32:14 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 2883584-2899214/2899215
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
15631
expires
Wed, 02 Feb 2022 14:33:38 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BpPACQZb6Yae-AZD13wOEq5uAC87hoJRGAAAAEAEgsMGKGDgBWMeg_7-DBGC7hoCA0AqyAQ93d3cudG90YWxybC5jb226AQs0ODB4MzYwX3htbMgBBdoBGGh0dHBzOi8vd3d3LnRvdGFscmwuY29tL5gCnMcBqQKsW5IEUb22PsACAuACAOoCPi8yMDM0NjkzNi9mbHVpZC9wZXJmb3JtYW5jZS90b3RhbHJsL3RvdGFscmwuY29tL2Nhcm91c2VsXzE2MzY4-AKD0h6QA9AFmAPQBagDAeAEAdIFBhDX7Yj2FZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBx_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=SapCPwm5gTs&label=video_ad_loaded&acvw=&sdkv=h.3.496.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IoCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 24FC
0
23 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueLJsP-8yM8UZjXg89i_x9r8XRGeMPuzoLj2kauJlBijs7w4pg8sVFGssXMOibuO5_LwKu0BmDgj5faQtVeVn0DKVCf95Tmwg4ucfnepiRLQB84oHU1OwNvYdDi4e4i1PuruJH5wVenz0O10dap3ttsHmxE6IEuB85L6O04EaFEs4sFlJz_JImyDD50KfHFwCC1G8eEKBxk2k8wO3b4J-E1uInVJokL8-8RulEB385PK93-6P9B326rYN9KcowewUmQFpGv_5RL54OPClouSzdH54NefcUbpKk8qGqRnKwMSz_lcDUezqglKiF5w-OeuD9kOjeVK0Hgn_Hkv-UVuX4iuOIehbjnkaYOajx5683Up6hNEAZkw&sig=Cg0ArKJSzALDBmcAmsXGEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.496.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BpPACQZb6Yae-AZD13wOEq5uAC87hoJRGAAAAEAEgsMGKGDgBWMeg_7-DBGC7hoCA0AqyAQ93d3cudG90YWxybC5jb226AQs0ODB4MzYwX3htbMgBBdoBGGh0dHBzOi8vd3d3LnRvdGFscmwuY29tL5gCnMcBqQKsW5IEUb22PsACAuACAOoCPi8yMDM0NjkzNi9mbHVpZC9wZXJmb3JtYW5jZS90b3RhbHJsL3RvdGFscmwuY29tL2Nhcm91c2VsXzE2MzY4-AKD0h6QA9AFmAPQBagDAeAEAdIFBhDX7Yj2FZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBx_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=SapCPwm5gTs&label=vast_creativeview&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20026%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,4,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D2236%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.01%26t%3D1643812417503&sdkv=h.3.496.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IrCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9IpwZQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQxO95et520JWlyfHtTG3CVaSk4yhjiLcIEDclAagQ1R3_hvDg1dCqBwvHXswFcfutscHQzoECdsi1h26gxQAy9DbdkJwPzLFQh4qLm6sun-dWAEpB&sig=Cg0ArKJSzDgxBJtanF3vEAE&id=lidarv&acvw=sv%3D915%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20026%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,4,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D2237%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1643812417503&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BpPACQZb6Yae-AZD13wOEq5uAC87hoJRGAAAAEAEgsMGKGDgBWMeg_7-DBGC7hoCA0AqyAQ93d3cudG90YWxybC5jb226AQs0ODB4MzYwX3htbMgBBdoBGGh0dHBzOi8vd3d3LnRvdGFscmwuY29tL5gCnMcBqQKsW5IEUb22PsACAuACAOoCPi8yMDM0NjkzNi9mbHVpZC9wZXJmb3JtYW5jZS90b3RhbHJsL3RvdGFscmwuY29tL2Nhcm91c2VsXzE2MzY4-AKD0h6QA9AFmAPQBagDAeAEAdIFBhDX7Yj2FZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBx_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=SapCPwm5gTs&label=part2viewed&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20026%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,4,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D2239%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1643812417503&sdkv=h.3.496.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IrCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9IpwZQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BpPACQZb6Yae-AZD13wOEq5uAC87hoJRGAAAAEAEgsMGKGDgBWMeg_7-DBGC7hoCA0AqyAQ93d3cudG90YWxybC5jb226AQs0ODB4MzYwX3htbMgBBdoBGGh0dHBzOi8vd3d3LnRvdGFscmwuY29tL5gCnMcBqQKsW5IEUb22PsACAuACAOoCPi8yMDM0NjkzNi9mbHVpZC9wZXJmb3JtYW5jZS90b3RhbHJsL3RvdGFscmwuY29tL2Nhcm91c2VsXzE2MzY4-AKD0h6QA9AFmAPQBagDAeAEAdIFBhDX7Yj2FZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBx_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=SapCPwm5gTs&label=admute&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,11,0,0%26mtos%3D0,0,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D20026%26vmtime%3D-1%26dvs%3D11%26dfvs%3D0%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,4,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D2241%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1643812417503&sdkv=h.3.496.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IrCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9IpwZQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad.png
z.moatads.com/fallback/ Frame 996C
4 KB
4 KB
Image
General
Full URL
https://z.moatads.com/fallback/ad.png
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Mon, 11 Feb 2019 20:23:54 GMT
server
AmazonS3
x-amz-request-id
49D31C1D0D873285
etag
"52ebe64201143a9c37ce86939fdc09e8"
content-type
image/png
accept-ranges
bytes
content-length
3937
x-amz-id-2
dAbrrL7VAH/ZEGcAu/BQ6XP5+G0ezSIfjiRDK6wOgJR472IymXY3N5B9Qbl2mauJaJ6Iiek2iJ4=
file.webm
r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,...
1 MB
0
Media
General
Full URL
https://r4---sn-h0jelnes.gvt1.com/videoplayback/id/e614b1d5bd2cf9d0/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643834017/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/3CD7011036201A15EA27821445A9F048ED55875D.3962C977F9E5742DAB0EAB31CD09AA4D43420D7E/key/cms1/cms_redirect/yes/mh/_z/mip/2a01:4a0:2c::10/mm/28/mn/sn-h0jelnes/ms/nvh/mt/1643811671/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:7::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 14:32:14 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 32768-2899214/2899215
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2866447
expires
Wed, 02 Feb 2022 14:33:38 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TUI_UK_FT_DISPLAY_BS2&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&m=0&ar=3902fe7180d-clean&iw=469380a&q=2&cb=0&ym=0&cu=1643812418408&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=24411788%3A5549275%3A277843234%3A252610558&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A782%3A782%3A0%3A766&fs=196551&na=930113055&cs=0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:38 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-38%2Fhtml%2FIFRAME&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=NaN&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=0%3A782%3A782%3A0%3A766&im=0&in=0&pd=0&em=0&en=0&bu=0&cd=0&ah=0&am=0&rf=0&re=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=358205102&cs=0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:38 GMT
segment0.ts
videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/3x/ Frame EA80
112 KB
113 KB
XHR
General
Full URL
https://videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/3x/segment0.ts
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.251.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-251-57.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
a2494f93c1fb3174d8dd96276cb7bb70a3047ecba2e533dd95792e40ae2d57a4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:38 GMT
X-Amz-Cf-Pop
LHR62-C4
X-Powered-By
BC
Backend-IP
52.84.93.126
X-Cache-Hits
1
BC-MID
true
Connection
keep-alive
Content-Length
114680
X-Served-By
cache-lhr7361-LHR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1643800064.069882,VS0,VE1
X-Powered-From
gantry
ETag
"5da795a2b900fa7066785875b8a7ee4c"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31522326
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
45pV8QBLsFl3rehNDR7mPMuLui6BF2HjXAc2WOHvGkvWtad6WSJERQ==
Expires
Thu, 02 Feb 2023 10:45:44 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1643812417144&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=63&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A782%3A782%3A0%3A766&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=53&cd=0&ah=53&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=297889267&cs=0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:38 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1643812417144&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=207&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A782%3A782%3A0%3A766&aa=0&ad=74&cn=0&gk=74&gl=0&ik=74&ic=74&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=53&cd=53&ah=53&am=53&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=582567747&cs=0
Requested by
Host: c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
URL: https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:38 GMT
segment0.ts
videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/1c1e2675-fe97-443c-929f-985f5e75b078/3x/ Frame EA80
714 KB
715 KB
XHR
General
Full URL
https://videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/1c1e2675-fe97-443c-929f-985f5e75b078/3x/segment0.ts
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.251.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-251-57.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
86826d6100240b31ce53819619d821691753321cefa122c3accb42f35d1134ab

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:38 GMT
X-Amz-Cf-Pop
LHR61-C2
X-Powered-By
BC
Backend-IP
13.224.227.90
X-Cache-Hits
1
BC-MID
true
Connection
keep-alive
Content-Length
731320
X-Served-By
cache-lhr7349-LHR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1643800064.861897,VS0,VE1
X-Powered-From
gantry
ETag
"efa4b1bdbe707e827fad8af9f22aa5b2"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31522425
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
g_qSdZz_50OVF5Y2VRwZHX0SlDPohCindEm25xVBuG-z00MGRX_gMA==
Expires
Thu, 02 Feb 2023 10:47:23 GMT
ae66e5cb-0f9b-45a8-b356-4266e9467a58
https://www.totalrl.com/ Frame EA80
61 KB
0
Other
General
Full URL
blob:https://www.totalrl.com/ae66e5cb-0f9b-45a8-b356-4266e9467a58
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
703ae506a96c2ded1ba790a6c9575b59cd22b94ce61ab7eac3aca7add6932d76

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
62051
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A16
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKXs-nAXycZ5O9K290BcdbRX-sAzr5xNYBjusQguDs8-RSkQljAOSzlK-r-fjwAn_wIdwqT-84iSgeAx2lEDMGvqN_buCfCYkQdVDJ7GvHeZx_X1RdLg&sai=AMfl-YSdcqxDSnnV44g1N1A4N_i5ieRUkYVOVzen1fxsbL9JHNj7QeP0uMz_uvakNfUuC5yW35G14qEYpz2tRqNgLtV9I0fkllpM4YFNowFvbdIZZ_nyg_n24AH0i-gm&sig=Cg0ArKJSzPJlsWVff56wEAE&cid=CAASEuRob0FHamGDphZK5IOTpIH6BA&id=lidar2&mcvt=1001&p=66,706,160,1434&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=1263673500&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643812417144&rpt=762&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
83eee2f7-1c47-4bc0-a6a6-ef7e281e4798
https://www.totalrl.com/ Frame EA80
61 KB
0
Other
General
Full URL
blob:https://www.totalrl.com/83eee2f7-1c47-4bc0-a6a6-ef7e281e4798
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
703ae506a96c2ded1ba790a6c9575b59cd22b94ce61ab7eac3aca7add6932d76

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
62051
Content-Type
text/javascript
pv
bd.tncid.app/
72 B
445 B
XHR
General
Full URL
https://bd.tncid.app/pv
Requested by
Host: js.tncid.app
URL: https://js.tncid.app/tnc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.51.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.51.120.34.bc.googleusercontent.com
Software
/
Resource Hash
9dddc91b29cffa63af4fbb64810916b6f1ece118aad738629e634b94ea1bf8b7

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
via
1.1 google
last-modified
Wed, 02 Feb 2022 14:33:39 GMT
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Pragma, Cache-Control
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
72
expires
Wed, 11 Nov 1998 11:11:11 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5958faa0-7cbe-4c1c-9d12-a349b635ea31/6s/ Frame EA80
4 KB
4 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5958faa0-7cbe-4c1c-9d12-a349b635ea31/6s/rendition.m3u8?fastly_token=NjFmYWVlYzZfMjlhYjhmY2Y3NTBhZWUyODFiYTJjZThiOGEwOGRmMGEyOGZlYzkzY2M1NWU5YjAzMDVlMGQzY2QyODQyMDFhNA%3D%3D
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
429509f60db238d27e807f1c72d6d9168c086c8bc99fddf557b73120de7acfa3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:39 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4013
x-served-by
cache-icn1450059-ICN
x-device-group
desktop-chrome
x-timer
S1643812419.377078,VS0,VE308
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
segment1.ts
videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/3x/ Frame EA80
115 KB
116 KB
XHR
General
Full URL
https://videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/85c0ba97-a5b1-4a89-8d05-25d601a4e6c2/3x/segment1.ts
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.251.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-251-57.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
2d3553e4811f748bb8fc11d6c2294d1df8e3ed216a078e048fe9bacc75c9d09b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:39 GMT
X-Amz-Cf-Pop
LHR62-C4
X-Powered-By
BC
Backend-IP
52.84.93.45
X-Cache-Hits
1
BC-MID
true
Connection
keep-alive
Content-Length
118064
X-Served-By
cache-lhr7349-LHR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1643800065.906427,VS0,VE1
X-Powered-From
gantry
ETag
"d640a03589f799cb0870d4cd2a13671c"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31522445
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
bRoKSDawSZN-qARDgZ6wtLRwyf-4P9C-6lzuM-JfJ4pfucf5pkUpkA==
Expires
Thu, 02 Feb 2023 10:47:44 GMT
DFPAudiencePixel;ord=4553089287781.591;dc_seg=6760747540;ppid=ab2546de-1c5b-4363-af4a-747accbc9673
securepubads.g.doubleclick.net/activity;dc_iu=/316816995/
42 B
63 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/activity;dc_iu=/316816995/DFPAudiencePixel;ord=4553089287781.591;dc_seg=6760747540;ppid=ab2546de-1c5b-4363-af4a-747accbc9673?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/
108 B
542 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
7a6e010ff1e8981f263947d6c27b125696a7bfdac0ee62a72a8c7d5fc131b4a8

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 14:33:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.totalrl.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 04 Mar 2022 14:33:39 GMT
1013.json
id5-sync.com/g/v2/
213 B
533 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.9 , France, ASN16276 (OVH, FR),
Reverse DNS
p32.id5-sync.com
Software
/
Resource Hash
8f7134841cac4cf8fba5faf246a352c01cbe26eb6b99c6c20d2343e7ac746523
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.totalrl.com
Date
Wed, 02 Feb 2022 14:33:39 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
44 B
110 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/8/d/888a21-7200-4950-964c-28a7af0912d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.totalrl.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 14:33:39 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.totalrl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
usersync
rtb.gumgum.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=1d5510e0-8435-11ec-a6ce-4582b9d74417
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=1d5510e0-8435-11ec-a6ce-4582b9d74417
Protocol
H2
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:40 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=1d5510e0-8435-11ec-a6ce-4582b9d74417
Date
Wed, 02 Feb 2022 14:33:39 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
1d5510e1-8435-11ec-a6ce-4582b9d74417
cksync.php
contextual.media.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=92abe6c2-9be2-4d96-b08f-571c8fb1e27a&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b5bcd426-2a0b-4048-85d8-093f463b7639&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b5bcd426-2a0b-4048-85d8-093f463b7639&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 02 Feb 2022 14:33:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 14:33:40 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=b5bcd426-2a0b-4048-85d8-093f463b7639&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 02 Feb 2022 14:33:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP1d0f07a1-8435-11ec-b9b5-0213114c0708
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP1d0f07a1-8435-11ec-b9b5-0213114c0708&verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP1d0f07a1-8435-11ec-b9b5-0213114c0708
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP1d0f07a1-8435-11ec-b9b5-0213114c0708
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:39 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP1d0f07a1-8435-11ec-b9b5-0213114c0708
date
Wed, 02 Feb 2022 14:33:40 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YfqWQYRUodm3ZrwEjRCWJAAA%26319
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YfqWQYRUodm3ZrwEjRCWJAAA%26319
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:39 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YfqWQYRUodm3ZrwEjRCWJAAA%26319
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
292
Expires
Wed, 02 Feb 2022 14:33:39 GMT
9.gif
id5-sync.com/s/441/
43 B
1009 B
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.9 , France, ASN16276 (OVH, FR),
Reverse DNS
p32.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:39 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1189342d-e72a-4afa-8d01-0dbbb7410791
45 B
614 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1189342d-e72a-4afa-8d01-0dbbb7410791
Protocol
H2
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 02 Feb 2022 14:33:39 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 14:33:39 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1189342d-e72a-4afa-8d01-0dbbb7410791
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1736613
content-length
0
expires
Wed, 02 Feb 2022 00:00:00 GMT
sync
x.bidswitch.net/
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.58.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-58-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3068919121630451178
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3068919121630451178
Protocol
H2
Server
52.30.114.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-114-170.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:39 GMT
X-Proxy-Origin
82.199.130.36; 82.199.130.36; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b4407a5-e33c-4538-85bf-0f6377b5d4f1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3068919121630451178
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:39 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156972
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUQwNTlGQUMtRUYyQS00M0Q3LTk2QTItOTQ2RTZGNzFFODYw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP3QrMZQzH-SXzHzrPD2fSc&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 02 Feb 2022 14:33:39 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug019:0:938
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=HcNfqIU31NfgHx5
45 B
455 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=HcNfqIU31NfgHx5
Protocol
H2
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
45
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 14:33:40 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 14:33:39 GMT
Server
PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=HcNfqIU31NfgHx5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
current
medianet-match.dotomi.com/match/bounce/
0
104 B
Image
General
Full URL
https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
cksync.php
cs.media.net/
44 B
294 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
44
x-mnet-hl2
E
expires
Wed, 02 Feb 2022 14:33:40 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1643812417144&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=1215&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A782%3A782%3A1615%3A766&aa=1&ad=1083&cn=74&gn=1&gk=1083&gl=74&ik=1083&ic=1083&ez=1&co=1083&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=53&ah=1009&am=53&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1492447841&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:39 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1643812417144&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=1216&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A782%3A782%3A1615%3A766&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1093151561&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:39 GMT
pixel.gif
px.moatads.com/ Frame 3A16
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&zMoatUrl=https%3A%2F%2Fwww.totalrl.com%2F&zMoatBSWFFID=_moatApi40612328&zMoatJPCN=MoatHandleJsonpResponse_30120629&zMoatCURL=totalrl.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJPRCVD=t&zMoatJBR2=1&zMoatGSTS=0&zMoatLT=%7Bt0%3A1643812417525%2Ct1%3A1643812417877%2Ct2%3A1643812418216%2Ct3%3A1643812418216%2Cta%3A1643812417849%7D&zMoatNL=1&zMoatPRTJ=%7BconnectEnd%3A1020%2CconnectStart%3A888%2CdecodedBodySize%3A315%2CdomainLookupEnd%3A888%2CdomainLookupStart%3A734%2Cduration%3A338%2CencodedBodySize%3A315%2CfetchStart%3A733%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A1021%2CresponseEnd%3A1071%2CresponseStart%3A1070%2CsecureConnectionStart%3A969%2CstartTime%3A733%2CtransferSize%3A615%2CworkerStart%3A0%7D&zMoatDUR=339&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A182%2CencodedBodySize%3A0%2CfetchStart%3A1073%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1255%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A1073%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1643812417144&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=1456765835&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML1UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WYivBihjElCFgA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRC=1&gv=gb_measurable_2%2Cmoat_safe%2Cgb_measurable%2Cdomain_safe%2Cgs_sport_rugby%2Cpr_cheltenham_2020%2Cgs_entertain%2Cgs_business%2Cgs_sport&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fwww.totalrl.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.totalrl.com&lp=https%3A%2F%2Fwww.totalrl.com&t=1643812418408&de=194226317259&cu=1643812418408&m=1217&ar=3902fe7180d-clean&iw=469380a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A782%3A782%3A1615%3A766&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24411788%3A5549275%3A277843234%3A252610558&bo=undefined&bd=totalrl.com&gq=3&zMoatDTYPE=1&oj=339&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=923321304&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 14:33:39 GMT
rendition.m3u8
manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/6s/ Frame EA80
4 KB
4 KB
XHR
General
Full URL
https://manifest.prod.boltdns.net/manifest/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/6s/rendition.m3u8?fastly_token=NjFmYWVlYzZfMWNlMzg3MDdiODI3NzE3MWNhYTIxOTMyMjQwZjEyZWNiYzMyNzZmMzU1YTgxZWNkMDE1ZTkzOWEzYTUyMDhkZA%3D%3D
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ BC
Resource Hash
f232eb973c7f9998919c06ad4025e8b07c6d7fbcccfc512c19e933d9b5d639ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 14:33:40 GMT
via
1.1 varnish
age
0
x-powered-by
BC
x-cache
MISS
content-length
4183
x-served-by
cache-icn1450059-ICN
x-device-group
desktop-chrome
x-timer
S1643812420.977529,VS0,VE381
x-powered-from
gantry
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Server,Range,Content-Length,Content-Range
cache-control
s-maxage=10800, max-age=10800
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQxO95et520JWlyfHtTG3CVaSk4yhjiLcIEDclAagQ1R3_hvDg1dCqBwvHXswFcfutscHQzoECdsi1h26gxQAy9DbdkJwPzLFQh4qLm6sun-dWAEpB&sig=Cg0ArKJSzDgxBJtanF3vEAE&id=lidarv&acvw=sv%3D915%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,2049,0,0%26mtos%3D0,0,2049,2049,2049%26amtos%3D0,0,0,0,0%26mcvt%3D2049%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2049%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D590%26pst%3D435%26dur%3D20026%26vmtime%3D1795%26dtos%3D2049%26dtoss%3D1%26dvs%3D2038%26dfvs%3D0%26dvpt%3D2038%26is%3D275%26i0%3D275%26ic%3D1%26cs%3D4371%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D0,0,14,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D0%26psa%3D0%26ptlt%3D4279%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2049&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1643812417503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment0.ts
videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/3x/ Frame EA80
103 KB
104 KB
XHR
General
Full URL
https://videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/3x/segment0.ts
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.251.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-251-57.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
2e0e89de10a4c0e3a4d4e98314bcc98f7696776b853c625da54160a6a4be3bb6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:40 GMT
X-Amz-Cf-Pop
LHR61-C1
X-Powered-By
BC
Backend-IP
99.86.105.121
X-Cache-Hits
1
BC-MID
true
Connection
keep-alive
Content-Length
105656
X-Served-By
cache-lhr7361-LHR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1643800065.287556,VS0,VE1
X-Powered-From
gantry
ETag
"8d577ff918dc9bae9c6b9f4a8f7b9734"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31522385
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
OwTQmbOVnAYG0Y1gxpB-lkCLpK8Y8ZMFt0-W4fREyhrhTV9sbxCMug==
Expires
Thu, 02 Feb 2023 10:46:45 GMT
segment1.ts
videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/3x/ Frame EA80
106 KB
107 KB
XHR
General
Full URL
https://videos.skysports.com/media/v1/hls/v5/clear/6057984924001/b0248a43-fb74-40da-8949-21fd14ad8f94/5a87c692-4fad-4e80-b4f3-b88e623941b5/3x/segment1.ts
Requested by
Host: cdnb.4strokemedia.com
URL: https://cdnb.4strokemedia.com/carousel/v4/hls.min.js?v01416
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.251.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-251-57.deploy.static.akamaitechnologies.com
Software
/ BC
Resource Hash
b17084c513c3b4bf0efdcfac7eaaae1088e36361fa4b992c8e028e365cbfd29b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.totalrl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 14:33:40 GMT
X-Amz-Cf-Pop
LHR61-C1
X-Powered-By
BC
Backend-IP
99.86.105.218
X-Cache-Hits
1
BC-MID
true
Connection
keep-alive
Content-Length
109040
X-Served-By
cache-lhr7349-LHR
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1643800066.585836,VS0,VE1
X-Powered-From
gantry
ETag
"a97bda9bd60733986f6078802beafb1d"
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Range,Content-Length,Content-Range
Cache-Control
public, max-age=31522473
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id
L34RIbghzjH0Ic7_N0_9GXLx4uek78Hg1hpD5MA0UIFRPJHh_V3htg==
Expires
Thu, 02 Feb 2023 10:48:13 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 24FC
42 B
64 B
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BpPACQZb6Yae-AZD13wOEq5uAC87hoJRGAAAAEAEgsMGKGDgBWMeg_7-DBGC7hoCA0AqyAQ93d3cudG90YWxybC5jb226AQs0ODB4MzYwX3htbMgBBdoBGGh0dHBzOi8vd3d3LnRvdGFscmwuY29tL5gCnMcBqQKsW5IEUb22PsACAuACAOoCPi8yMDM0NjkzNi9mbHVpZC9wZXJmb3JtYW5jZS90b3RhbHJsL3RvdGFscmwuY29tL2Nhcm91c2VsXzE2MzY4-AKD0h6QA9AFmAPQBagDAeAEAdIFBhDX7Yj2FZAGAaAGI6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHgBx_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=SapCPwm5gTs&label=videoplaytime25&ad_mt=5051&acvw=sv%3D915%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1089,1115,1258,1415%26tos%3D0,0,5253,0,0%26mtos%3D0,0,5253,5253,5253%26amtos%3D0,0,0,0,0%26mcvt%3D5253%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5253%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1191%26pst%3D435%26dur%3D20026%26vmtime%3D5050%26dtos%3D3204%26dtoss%3D2%26dvs%3D3204%26dfvs%3D0%26dvpt%3D3204%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D0.65%26mc%3D0.65%26nc%3D0.65%26mv%3D0%26nv%3D0%26qmt%3D0,0,5253,5253,5253%26qnc%3D0.65%26qmv%3D0%26qnv%3D0%26lte%3D0.65%26ces%26femt%3D646%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D0,0,30,0,0%26avms%3Dexc%26qi%3D391200892%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D0%26psa%3D0%26ptlt%3D7484%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5253&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1643812417503&sdkv=h.3.496.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4ODQ3NTM2MjMyDDEzODM3ODQ2NTM1MUCjA1IrCNAFEBIlAACgQSgBOgtLdUUxSGdpRlZoVUILZ29vZ2xldmlkZW9IpwZQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 14:33:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?s2us7Q
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| _iub function| iCallback object| _wca undefined| $ function| jQuery object| objectL10n object| helper function| YOPPollBasicScrollToMessage function| YOPPollSendBasicVoteWithReCaptchaV2Invisible object| YOPPollReCaptchaElements function| YOPPollOnLoadRecaptcha object| lp_registration_redirect_ajax function| gtag object| dataLayer object| $MMT function| confiantWrap function| pageSpeed function| mmtwrapper function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet function| MobileDetect object| ifvisible function| inView object| apstag number| p number| pl number| c object| adsbygoogle object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| leaky_paywall_script_ajax object| bestwp_ajax_object object| jetpackLazyImagesL10n function| ResizeSensor function| xDomainCookie object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| reviveAsync object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| ats string| ggv2id object| __webpackStripeJSv3Jsonp function| Stripe object| wp object| _stq object| _tkq function| st_go function| linktracker_init object| wpcom object| $mcSite function| YOPPollBasicIsFacebookBrowser function| YOPPollBasicGetPollCookieData function| YOPPollBasicGetCookieData function| YOPPollBasicSetCookieData function| YOPPollBasicIsResultsShowPercentages function| YOPPollBasicIsResultsShowVotes function| YOPPollBasicGetClassForColumns function| YopPollBasicShowResultsForTextQuestion function| YopPollBasicLoadBuiltInCaptcha function| YOPPollBasicLoadReCaptchaV2Invisible function| YOPPollReCaptchaFilled function| YOPPollSendBasicVote function| YOPPollBasicUpdateToken object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_220444 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __connect boolean| apstagLOADED object| ggevents undefined| bean object| GUMGUM object| headertag object| ggData function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks object| confiant boolean| dexPresent boolean| _4s_id_28875818 boolean| creativeVendorLibraryLoaded function| _4sjq3 object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| _4sPicla function| SignupForm function| PopupSignupForm object| parts object| __tnc object| GoogleGcLKhOms object| closure_lm_20319 string| __tnc_eid function| __tnc_push_cv function| __tnc_send_data object| closure_lm_231144 undefined| __tcfapi

79 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APj96hRJKoF8VJ1o5vSuJZPU8_bJ6GGe2W6uG8t9IJbtE9H5CipBD7XYTkgW3luxWkbCJYyW24Fa-dm5dMVEcj4
.totalrl.com/ Name: tk_or
Value: %22%22
.totalrl.com/ Name: tk_r3d
Value: %22%22
.totalrl.com/ Name: tk_lr
Value: %22%22
www.totalrl.com/ Name: session
Value: 99f25e07-edd3-4de6-6af8-0d417416536e
.totalrl.com/ Name: _ga
Value: GA1.2.595393601.1643812415
.totalrl.com/ Name: _gid
Value: GA1.2.1773688815.1643812415
.totalrl.com/ Name: _gat_gtag_UA_1347693_3
Value: 1
www.totalrl.com/ Name: _lr_geo_location
Value: DE
.adsrvr.org/ Name: TDID
Value: 06101a18-9575-4b84-81e1-349f513d71ac
www.totalrl.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gumgum.com/ Name: cs
Value: true
.list-manage.com/ Name: _abck
Value: 02375241B2E115D2C7F83417F0E58246~-1~YAAQwV4OF8z517d+AQAAEenaugfoI/TbMtXb2CrQeRe0W9Qb3kp68R/DI1Bdj7JMnqdot+mImYs4KcfWIEzJr3+TUjSgKD1owpf6BAp6WS99/Z2iGwHkYQZJQXlfshyXIcBBq1Pr7/8V6HnKljNisRbcDfbcqc2BjeDkLAsISOsmbZbpA2SSwklRWjAA6s0zFPm6PmbUNfeSY0djXZfDyEVjswZf9Xmvy++JJEClbdO2lvxzMYl+CzhCyaNtiIwleWTY7s70ubHZAKxpe0IhDyDmARtTDh8364sj4hOJ3ihMGMG6r64w8ShQgqoCALsud/wI3lp6lgxQSMGFJJ2cunG3lsqk7o4rmkAldunDieRbXgT60Hytv8/kgvn+g0Co0A==~-1~-1~-1
.us20.list-manage.com/ Name: ak_bmsc
Value: 9C18B9A7238BB7E6945E59A71C0B38D8~000000000000000000000000000000~YAAQwV4OF83517d+AQAAEenaug5G4Bys2YJY6JSmioXeMF1NwWvZqZNVMkxxk6R+B+rSt3MMDgNtiWx3VAjR0hQLVsMXfId100g4eZHlCz4wsdSCqW8Y/ETIAaLY6NeQers8HEBBE7ayCtBdVfz+6P2nQ+GDKaEkq+C0RFrZxsg8MGD1dFkvPss4xwTynYYwEKJfpdzA5B9JsdPv8wU8GMObflfc5pIQWlKxvizBczTB1moaC8Ckw/NFK1+Jg+H8H3myh0bEVhEPmLw23AQ4dj+rxaA/yKJc3LZVuXcc0dFi3DRiIe+S3uoT87Sa3LUEct41VhbEbx+R2/e3vPyS1eRvj3Q3Ur4GFF2gkjbPuvYkWNxF9eHnR0IFh4EcX2PENYbDGqp75d6Yo7x3vY8CqR6Du4E=
.list-manage.com/ Name: bm_sz
Value: 7E173371A7AED7D8B1976C71C3F183BD~YAAQwV4OF87517d+AQAAEenaug5APyTSvisqR3vHlttPSghUMFORZVDqq41JAjpah4idqw4SqyX6WKJrrJEUSEQQuO+qXk3fauxiLf4+zUnfmZQK7/n86BiYXY3ZP1jqiOGgo3YuHeLcjP64X6Zy93Y/wVcvi0esRIKNsYjpoH7ZBvB/QrUVmD20U6HdBhIpP6tfV0TVa3OZaeK9ejAGHMoEqnzVsaHNWR7x2DC8C0rYRbi2aJmgfzpHCZp/aU++ZnLFjN+apNJWG4PJlBQrenZ5dQuAk3FiUNkbUTaFVlc+GxiB6WyXcQ==~4343347~3290928
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm8hq5y7FIAFJqALzTMF75FKPWrPvLHvI6Vn8Of3jTfySlxFcBUU5_13
.gumgum.com/ Name: vst
Value: e_55b37152-d29c-49fb-9c5d-1f8da3d7571f
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s569|YfqWQ
.rubiconproject.com/ Name: khaos
Value: KZ5NGXU9-Q-F6H0
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EgQuRS3vWHiIa2qEsFCZ0ctSdOhPT1GMTmAc5uHgCNHvmUWydwC8zfuBO22HzdmmeY471py8WPC4CL5hAXvaZVpMqRw+pFDXPs=
.adnxs.com/ Name: icu
Value: ChgIhNdwEAoYASABKAEwwKzqjwY4AUABSAEQwKzqjwYYAA..
.adnxs.com/ Name: uuid2
Value: 3068919121630451178
e.serverbid.com/ Name: azk
Value: ue1-sb1-bfa609ef-221f-4cc6-a9b3-9f87eb21cc98
prebid.a-mo.net/ Name: __amc
Value: 1_1643812416_1643812416
m.stripe.com/ Name: m
Value: 874c4ce4-8771-48b1-9e5e-3035aeb77933533418
.doubleclick.net/ Name: IDE
Value: AHWqTUlHgkYKhUy0NhT-kBqCC5Q7UEg41_Gkhw_aEGHBj_XC_VUDfa7IZPsOlOx5mYo
.www.totalrl.com/ Name: __stripe_mid
Value: c4a12fd7-8024-4c22-a3f9-20a3e28abe01fd2d48
.www.totalrl.com/ Name: __stripe_sid
Value: c8cb5e47-bcce-44a4-ac58-6068d9443de199dc35
.totalrl.com/ Name: __gads
Value: ID=e8291dbb01f33a34:T=1643812415:S=ALNI_Ma7WOIQgeiYQ3ETdHka2qlY-Ds58Q
.demdex.net/ Name: demdex
Value: 21736693000665342020065033899279355244
.4strokemedia.com/ Name: AMCVS_1A124673527853290A490D45%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfqWQQAAAKIJ1gP0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaPtC+K'!@wnfH8K6pQK`!5=E<*L5?%M<2#ob+6F.a0g?5D5/QffylK*???wLX(A<hvN%nugO%v4VB%nn#<*-R^]
.casalemedia.com/ Name: CMPS
Value: 1837
.sky.it/ Name: s_ecid
Value: MCMID%7C13549180551071825570864908283195552139
.dpm.demdex.net/ Name: dpm
Value: 21736693000665342020065033899279355244
.4strokemedia.com/ Name: AMCV_1A124673527853290A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19026%7CMCMID%7C13549180551071825570864908283195552139%7CMCAAMLH-1644417217%7C6%7CMCAAMB-1644417217%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1643819617s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19033%7CvVersion%7C5.2.0
.casalemedia.com/ Name: CMID
Value: YfqWQYRUodm3ZrwEjRCWJAAA
.casalemedia.com/ Name: CMPRO
Value: 319
.casalemedia.com/ Name: CMRUM3
Value: 2d61fa96422760CAESECrOu4Tb_qjeGjJ16Re_ys8
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.3lift.com/ Name: tluid
Value: 1680632259461640886654
.360yield.com/ Name: tuuid
Value: f0feaa11-ab0a-4461-be58-b3d5aaa76cd9
.360yield.com/ Name: tuuid_lu
Value: 1643812418
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5D059FAC-EF2A-43D7-96A2-946E6F71E860
.bidswitch.net/ Name: tuuid
Value: b5bcd426-2a0b-4048-85d8-093f463b7639
.bidswitch.net/ Name: c
Value: 1643812418
.bidswitch.net/ Name: tuuid_lu
Value: 1643812418
.bidswitch.net/ Name: google_push
Value: AYg5qPLcuCyupu4d5AwmSnCCNa404Fk9veJR98FVJogynyMsOPiOcy21-gYXnMnX21PRd4-WrEwjuWIdWgCFQnvLojStUzq-6Q
.turn.com/ Name: uid
Value: 3173409455361369088
www.totalrl.com/ Name: _lr_retry_request
Value: true
www.totalrl.com/ Name: _lr_env_src_ats
Value: false
www.totalrl.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2206101a18-9575-4b84-81e1-349f513d71ac%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-02T14%3A33%3A39%22%7D
.advertising.com/ Name: APID
Value: UP1d0f07a1-8435-11ec-b9b5-0213114c0708
.pubmatic.com/ Name: pi
Value: 156972:3
.criteo.com/ Name: uid
Value: 1189342d-e72a-4afa-8d01-0dbbb7410791
.casalemedia.com/ Name: CMST
Value: YfqWQmH6lkMA
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
ads.avct.cloud/ Name: uuid
Value: 92abe6c2-9be2-4d96-b08f-571c8fb1e27a
.w55c.net/ Name: wfivefivec
Value: HcNfqIU31NfgHx5
.media.net/ Name: data-c
Value: 1189342d-e72a-4afa-8d01-0dbbb7410791~~1
.media.net/ Name: data-c-ts
Value: 1643812419
.yahoo.com/ Name: A3
Value: d=AQABBEOW-mECEFRuFKs8G0cC3fHHMiU8b8MFEgEBAQHn-2EEYgAAAAAA_eMAAA&S=AQAAArO2raD-yBti2HBB-VuNe88
.w55c.net/ Name: matchmedianet
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 17ot~230e
.media.net/ Name: data-bs
Value: b5bcd426-2a0b-4048-85d8-093f463b7639~~1
.media.net/ Name: data-xu
Value: HcNfqIU31NfgHx5~~8
.ipredictive.com/ Name: cu
Value: 1d5510e0-8435-11ec-a6ce-4582b9d74417|1643812420189
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1644969600%3A220_21
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEP3QrMZQzH-SXzHzrPD2fSc&KRTB&16514-CAESEP3QrMZQzH-SXzHzrPD2fSc&KRTB&23025-CAESEP3QrMZQzH-SXzHzrPD2fSc
.pubmatic.com/ Name: PugT
Value: 1643812419
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3

7 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'".
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://z.moatads.com/tuiukftdisplaybs288007166418/moatad.js(Line 131)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1458
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=8P6qEasKRGG-WLPVqqds2Q&google_push=AYg5qPJUShcpGd6EMX_RNBnQLvGL5JYabbRhTzGEfkCosywXQqytjbtaaqBoZRUCEmwzxtLg1JdYZtFuXxsIWh62e_j6023_kk0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.avct.cloud
ads.yieldmo.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.condatis.sky
api.rlcdn.com
as-sec.casalemedia.com
assets.adobedtm.com
ats.rlcdn.com
bd.tncid.app
bid.g.doubleclick.net
btlr.sharethrough.com
c.amazon-adsystem.com
c0.wp.com
c01c8f702fdcc04f0e78129d1fc8f5e2.safeframe.googlesyndication.com
c2shb.pubgw.yahoo.com
cdn-images.mailchimp.com
cdn.iubenda.com
cdnb.4strokemedia.com
cf-images.eu-west-1.prod.boltdns.net
chimpstatic.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
contextual.media.net
cs.media.net
csi.gstatic.com
dis.criteo.com
display.bfmio.com
dmx.districtm.io
downloads.mailchimp.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
fastlane.rubiconproject.com
feed.4strokemedia.com
fluid.4strokemedia.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
geo.privacymanager.io
get.s-onetag.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
hits-i.iubenda.com
htlb.casalemedia.com
i0.wp.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imps.monu.delivery
ipwatch.monu.delivery
js-sec.indexww.com
js.gumgum.com
js.stripe.com
js.tncid.app
m.stripe.com
m.stripe.network
manifest.prod.boltdns.net
match.adsrvr.org
mb.moatads.com
mc.us20.list-manage.com
medianet-match.dotomi.com
monu.delivery
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.wp.com
playback.brightcovecdn.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
pubads.g.doubleclick.net
px.moatads.com
q.stripe.com
r.turn.com
r2---sn-h0jeln7l.c.2mdn.net
r4---sn-h0jelnes.gvt1.com
redirector.gvt1.com
rtb.gumgum.com
s0.2mdn.net
s2.adform.net
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
skyit.demdex.net
smetrics.sky.it
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
sync.go.sonobi.com
sync.ipredictive.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
videos.skysports.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.iubenda.com
www.totalrl.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
tpc.googlesyndication.com
104.111.214.240
104.111.232.95
104.111.251.57
104.16.68.69
104.36.113.17
13.35.253.181
134.209.129.254
141.95.3.9
142.250.13.155
142.250.186.98
143.204.215.111
143.204.215.76
147.75.61.140
15.197.193.217
15.236.176.210
151.101.193.194
161.35.91.33
172.217.23.98
178.162.133.149
178.162.133.150
178.250.0.163
18.156.0.31
18.157.231.140
18.159.247.85
18.195.184.255
18.196.230.57
18.66.122.50
18.66.248.56
184.87.212.24
192.0.76.3
192.0.77.2
192.0.77.37
198.47.127.18
198.47.127.19
2.18.234.21
2.18.235.40
2001:678:cb4:bbbb::11
204.237.133.116
216.52.2.30
23.32.243.206
23.37.38.181
23.45.110.243
2600:1901:0:333a::
2600:9000:2057:600:17:d591:65c0:93a1
2600:9000:2057:b800:2:dc6c:1340:93a1
2602:803:c003:200::41
2620:112:f006:bbbb::12
2800:3f0:4001:803::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2006
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9b
2a00:1450:4016:1::7
2a00:1450:4016:7::9
2a01:7e01:1::ac69:92e7
2a02:26f0:6c00:2a6::1e80
2a02:fa8:8806:16::1400
2a04:4e42:200::539
3.11.115.229
3.122.58.191
34.107.148.139
34.120.133.55
34.120.51.234
34.209.192.116
34.243.37.252
34.250.101.202
35.157.246.167
35.158.41.182
35.186.236.140
35.244.250.22
37.157.2.237
37.157.2.247
37.252.172.45
37.252.173.215
5.44.23.147
51.75.86.98
52.211.244.253
52.30.114.170
52.57.8.134
54.154.165.122
54.187.119.242
54.209.6.173
54.210.154.62
65.9.63.17
65.9.63.82
65.9.64.91
65.9.71.173
76.223.111.18
99.81.30.72
99.86.3.103
99.86.3.117
99.86.3.46
01d97466334b225c2342ecf317d69bc5d939999d191cbf8e0e1126f7d6865938
01ef6ebd6eb1681f764ebaaca655e0fb590967176f2df5b3fd9e67e1bd525ebe
0219b6f237ec7186b860484267d55d4587087a7ea6a5b97fab426d703316e0ef
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
03b80524f00e75c11bde4a280e78918f1f936d6c1c7698fdfef9042a583a96fa
050a5e26de3c73200dd744c8da1fcbe56cb5251e39db924dfab959f246739cdd
055a8cb2584977312a704f1a717b7b50407df4301e8f4823645672f1897a3c5d
056243a8f69e5d7938632cd86d7921c162e669e189308b98007f3c16bee9d4f3
05b937a293d74b75235d9c29829929d2e50c2f4fdf44b8691123feb81a0a76ff
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b6e6e96c63e723030507c4f23696b166fbac858c64267e63f1130b55a50b62b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5448c4ca19c1af049dc5d9f4e44cfe0b3210c3bf0f4b4db12b51a6297e6eba
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13668d79bf9f6614b49314dc9e688a6b33ab26faf6fcb394660018d97b66cd22
13fe424f0269038ee50e77d5d3ba2e31746e9444081365ba8d623506d7c154aa
1422f7f98e5d8add6f887b0b3d9e54fe7c4c0583a5570ae270a079b50ec11eb4
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
16b7151c309a42d06e006110e17a6b6da40d713f98950a3b371a87224b66a56b
16f9118e12b1784ddb04e5bed28890974030a04131120c68eb0529f61019a5eb
1737ea638bd3cd46c86b9f987a13ee5ea1f3d02a4bc4e054390a244b10fe2283
185b1dd98b9c0365cd9104daa666f88b44161ba1599605bcf8d7a4aeb4fbbbf5
19f5176ec241cffb3e67c18d3958ddba74a5d7e730b5bb56d62e636d756f205b
1b8df1f23a285394b8e49fd7fb675fff923f973ca54874248e1b6d8ebb7b4fe7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1b2843db1a0d10a23114343a2b792ff80cc3e40619c37bdcf62837153b2017
1d812d5ab22d2bd6302ad49b3937c7fe5d6ef1ef70c58ccc38369b2d2dd70817
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e64111322063fbdbb59cce165f62cd71f550c35ddb3bb9810d7045e642a8903
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f6bae641f15dc47614f681338bcdb83c4de10b413d593ff93e53ea89e8978e0
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
23e4199d0339edc7466e330c698039cf57f82808c44e524070d3dc7f64450d3c
25dae738788b47297f6388eb8194ee177eb760891b4883e55c9092d2721605bb
25e428bb95c97c9eec042c92bb23dfb30e4c023f215e308cc51e5966011d1347
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
2b91370e789086e60b5b8b97843078053e709be24dd2eaea8d135a5a3eacf058
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d3553e4811f748bb8fc11d6c2294d1df8e3ed216a078e048fe9bacc75c9d09b
2dc284b2ad91b4802c47ee82997c27c098fd5e5d0e7f0b7b5b5ed596c096feb0
2e0e89de10a4c0e3a4d4e98314bcc98f7696776b853c625da54160a6a4be3bb6
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
307c668b5665de11bb3ec117d95716d89fa8a21ec605ecfa4df1a83d72d71260
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33c02a8215e3a0d77a0346beb053c756387bdad894b1055340ce6627a6428f3c
34234d910031585619f02c11fbd88bea41cb621ec3368d2574b2d355a7ccb8b3
396b2258a1c9d4d10ebf7adc61ed3994b7e91bd2ddac80c70cbe59faf57e62cd
3a1c4663bf15e9613ec0f649930b0e55a3d6ea8c64386fed656da8dcb52e0f90
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3bee5b12e78da531b468ad518e1a8af67136d3f13cfc44466876d4551e399a21
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d35d5bb684e82531b15e8ee66f81f23e3b00ed653a2a3fbe39d0268621732ee
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e799d21e1116a135fcd10c071506f34b99cf79d93b5548199e1376f88b62434
41279971398be468b2ff4a75328372c5e31cdb4b46dc5f7dc9637a279b6d73ea
4199d5560f45f0efcf4dd0a9930cd5c89053df05e1374ff00a377cb6582330d1
41ac98831a8184099454864cc91dd7ec13a196dc0134aa631b4fdc58307c7fb9
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
429509f60db238d27e807f1c72d6d9168c086c8bc99fddf557b73120de7acfa3
44056a1e3bb806588d99206d952887b543acc53694d9739563317b07e141f97e
4533f2605eb87cb13c783758ea0b3f638f8a9706f1691b331c1a8c7d33a6bbf2
47fbef673e3fd16d2e384649afc460941b3eaa1597be32607da3a794a088bbd8
482ce4e19d28b9c3691c2f60b1d6396c0970fb00edb1fb8fab8081fdfba02955
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a489035ccd7750345914ef32cfca55b18dcdfe469f61fe87b37dde76ac0cbc5
4a504c3c24ec66f0c890c1636f51e2fe8898121a9579ec6f8ef43be3637b0279
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e464107ba4301877e7131c0108649f811828efa1327da626809628228931058
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5118910d0000d3afddb130203e98ce5a84b29157d6aa791aebcc20282d0d05c7
51442a5c648cc49796a01dac8824df5557ea1909154f93ef9fca95c55f0bb9b2
529310c96a5376ec30d8138b4ba4331d82bb1c5488b3686c0256efa46c3e6326
52f983ff863ed9c3b719cbf7db8eb07e28643d50578e06c68e37c92c5f16b263
542da17e42805eb985c077f0d034703ba313b23d666b9a80863a56b2274f34aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550ceb9559bb4237527909ff21e719804f6b9df337f741f756821c0c9963392b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cdc8b7f3c5ebebefb2b7149eecd38cadb28e5534411e226c168d5abc0463fe
59439170e46863f8536b25d0ea81aca87c68435665f13f7d6a41110a9fa4a560
599e6d8d4b07d96ac0b642a33f3a653920114016dd9de3fb609d8b7b978b3bac
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5d186172059c67e5f0f612c73126b60c8f009625df963609e52eacc13bff1716
5e1f4bf959be40d3ceeec669ecc7ff0fdc02a1a5d0c25268d3c6cbb06dddd555
5e5463be7757c5cce8b12d7983f534156d7ede1e990423b575e99e835de375cc
5e7c700786c63938365fc5981756851eca661a1a953d6f11177262a4a8dab691
5ecd74fe5c5171b7ab7f31b3fa784739b88dd4616f517dc794cb480a42a9e104
5eedd64decfe4315f0866bcdf489510d0c41744f8c1145f42763c119133fd625
60ba711b322f168743b210335a096a38483703ccdb7e6be640fe59988d3cb721
60defd0229880a6f78696fcf8e687f94e43fc8bb5ff66028e23e546d0345d2f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62495c692e079e02b02fdcd0c7d841f93e0afb9796819becc8f25006b2a26fee
62b5d97a832e22409282da8a94594b8efb69724db13f7ade304727337785f0dc
6379ca090b5fe6148eaa54587241829dd3e14cf2329c4ccaa13a38f373b15978
644001fbfe5648ddf2d075527b307fbe7de569575b4b0168957cced600849898
64b2e009ad24e97899c8e5f8e886fb4bcfc9d6c3f8515d024c63c7beb0d7ddd1
65d08c006b0232c4523f008d6c33f0657f71529f2bd3922bf1047d63d1a3ea31
65f16db16de18a47fbd856c4157d1ddeb2be3e294e00150b01159e08b33a5849
6790a4ef1fb009e201f25147784e51dcf143ed59198c482f980a76435bac724d
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a40709aedf2d236dab6c9738c855693654ef014a6e3a1e7f5bc8eec594f48df
6a673ab92aad948dbdf04e8a7b1c9f3219ad45f625ccc2e6fd7d6d44afbade72
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6db6d954f7c47051109e6907a1dc482b0ba4d05208da0aa306ea6c6049d01fbc
703ae506a96c2ded1ba790a6c9575b59cd22b94ce61ab7eac3aca7add6932d76
704a67731f561105ab48ee943933832b408a672cb507e77de9c821e0baaa4194
72a2230aa0b888893b2925b6864f5f76be860f4af47ca0dfbabf3cdb45d0ae5e
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77185d2c75ce2cf2afc5886bbb6eacd05e42d84ea54438eed43450d499f78e02
77987f07909696d82ca5e6c6c88789a5380b5bad61eed6c9f3ea010f2e30863f
781170fbc19a7ee620e36f6dcba2460d86f57b3d6a9087e0de1bf72615bf3a02
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
79e35db67a8a26848533c303f8d922ec20c2a38853b48422f81bf7a52c221c78
7a6e010ff1e8981f263947d6c27b125696a7bfdac0ee62a72a8c7d5fc131b4a8
7a9cfa79825fae09ce91485b8e0350306038bd7b78afd48a054d1b6c1fa7bbff
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b4ac435c6aa587f2d9eb67c66b897771a25024f73e3b34b00da30d67e034a7d
7be2c9bc6b9a05e71e1f8289428698cb3b9ccee7b01f0a32fe899aaa67e7c911
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f5f0cf63c303075558f8fd8b499567de412984b938c3e26886ef1d8a74e6677
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1
7fcaa4d432eb8627f0ab7efdc3ce11a4e593f29443fc6bb1888f4955c55f868b
7fd79d8376974089c18364b6c540328404fbd2429be4ffd105ed6012d7fbead5
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
829f4e5622e3e804a8debb6737c587156dd009d67536f9e0646b3060de3e1466
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8300689d57b8b76acaf84fdbf3dffebc500b799b8e125852e02e08994a991bf1
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97
84f86d633f3e8caebf1946b617e3b7c410528b9b149c9d1d7093bd1b5923c3cb
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
86826d6100240b31ce53819619d821691753321cefa122c3accb42f35d1134ab
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa75e7861483c23dfe59fd3653c337a7906b1cb024cc859ee3311d589e20f01
8ad395fdfb5aac4360150a7ed80f98ade4af89fd20b021bd72304daf0c61913c
8bf959d961f4a2f7bee689959d7e02a58c70dfbf9f8c51c50ae5b75f270e6469
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8f7134841cac4cf8fba5faf246a352c01cbe26eb6b99c6c20d2343e7ac746523
8f9cd9f9903fd0845eeb5e4757d74810cd184a10a63dbe796f39dea634334f1c
90010d290a9685edd670686392de1c4dcc585d2269650ab5cd95d3bfcd01274f
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92c9af7db31c2227c92c12fd8c2b7b51cb19c70bf99f90ce067533adf7b3bb75
93ad8a23f602843f3f07ebd5ad27070d7e921a8628698962f440ae0c80d1a22c
93ffe8a780b4034c7b14ac0d57d752368b53eafc734d906c8cdf3d3642a9eb36
956783dc8aef72febb6ea0b7369c0d564d578afcbe4f4b9eb7876a1d7a360e3e
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
9674edcf0e628b3cd1ba61841d4a7bb2e3d36544c8fd28cee7738010e346bad0
96a9c514268a3df54a5b17e2735ec920c5b151ade2bdf8ba9999423ce36111ca
97c8f279229e1db1fc340de3c4fbf154ee841b0d7015ed146f4bc9ea100906bd
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
988564fda7d3c8275a4073e60777292849d718daaa2eb7f78f046392edea405c
996b03b26f92419006b6d5da48902ed4a4a08bb7df1c52942a939f72b89087e0
99d92eaf7d593c51fe87df4cccaf87125a40d2fce3379437ee8c599620a719a5
9a0c2ad1c8ca6305bbc61243360d2cab13ec3bffd6ad915b07a83952f14a7a2b
9a7446a80db505537475425bc1367ef1457d15fb0ec16b75591c7496b47064ec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
9dddc91b29cffa63af4fbb64810916b6f1ece118aad738629e634b94ea1bf8b7
9dfb5766eb50b6a0179c1f080b8630f1d17e919b5cfb7cbc37f7640b442343f6
9ef261bec3d934fc35da4e3521c205b481a6f6d2f4a6816ce5de3a1dec772cbc
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1faba847198a727bc13e12d8d1d89f6e83b48322bb19bf53d1bb07823d52d57
a2494f93c1fb3174d8dd96276cb7bb70a3047ecba2e533dd95792e40ae2d57a4
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a40b1a4606d56f0041dcd0c2261415d3970dee1fb5c37948e2993e696a0c9409
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a90b3a79a5605961b73075ac6be9f9624b3c74095d16fd216d4983453f0a480a
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1
a9e15c941f9c7cee11888c71910cf171b12ef00ca0777e70e951c5ac8e17aacf
ac138862a6a69be41b3982b059b15218f428f00dcedd7336662167abee0404cf
ac24c37aa66aaae9ae2823f9e3600acc7e64a90500b941953ec7cf41d27b0b0a
ad15af820c7cba3e2f41662837854c46385e59062069ed88429ee7e9a8d0c5c6
aeb31b9c4d7e3a7c32d9af15009f8ab3996e954ea20f60d57564c346b4464098
af75ac04b971d7d163851cc11bee12191c2b58f59bc29a18334db29f55d13fba
b01dcbec628f66da59ebc2e2e3c85af086c22acb8a6c02176607672dd47e6185
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17084c513c3b4bf0efdcfac7eaaae1088e36361fa4b992c8e028e365cbfd29b
b193cc79e9e873f16a4d5cd5283537232f80bcaad0b009a1db887a74ed0f3e54
b1d4335a4e40bb5670078aee0c19c5f3f45e4c0ae7b75d55efd0fb389fa4150f
b2badc7d78c63a9353041f10f807602152bde5d497ec1ffe7dd612ad63fa1bd8
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b34133b372ccddbbf34c56c984827a87d49aeb216031ab6ad14fb78c0a98627b
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b4e67ffe378514e703d29eaa6c79f5feb6b5e0c084a83bdb25a74840a538afc9
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b750d11b7b319a0240584cee576adec9eb21abae2dedd7e1e1d1a7e65bd19a42
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7acd9fe5bcfb5cf54a4917be380d8050b5ce5c52cd6c61b0315bf5b2ad5a758
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc
bbb1ab9b4d39f294ce7fac524f8fe959eab8eef61411d41bb64fa77d34e95460
bccee6e41dc6d1722c34a9572e62379ff4a6e64a76755c6afdf6f8624b8ba4e9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c4132727de13420afc7c53fb9143e9676b2691e70158d0fa316e81ae672f7560
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c5a7c2be9c96f773f8954c3cca18a2b4a4c837a018591588c6cd21d2dd29d104
c791e58ebf175ac1baaec6d910bcaabcda984f6b0f8fa0a266ab3618452fb885
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1cc439833c31415662b922ecef8a99376743935f82358e4d922ff65fb1b203
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff480a1710938005570567721ab2b59be5fe1455c99fd641b9c661c4615223e
d0a122415151778fa38fef8b6d30325d24c06e2605ca6ba372f762c7efb5134e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
d3d758c3632f5ac1ef5b6cddf50941ca9b7997ffe48bef30229ebf8ee835cb50
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d9e23a9a540db9949de27fb0e07192a0fb917126d089d6533db9b400d7e7cce7
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db6e227c51b78203752bdc36a19b414161c5beae47cc0cdf2ff9f5c89f4f2526
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0851812785e04cdea931d982997d5e290ed10b495d2a73a3d8bc277e3aeefc6
e23ad9ec3cb81502280a4d2fcc39b0d2a1186d49a97585568d94a1db3eaacc09
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e81127d4f59b668613ce602b56f5d10203543f7284760e94b7e61df5c5d5d5
e6350c1dc3fbee7fd3ee6950481ed2d1530a7c50a41f8944c7350c365b3245d8
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8d43f268042bacb6a37bf1a0213a35330020444c8983a796699b27a4fc707a2
ec5896d0d69377b6bf32029102283961cf19735f37a4682946262d313d8b867b
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee60625ba8a2fd9490a733f6b2098cddbbb0b7a97928735205e89130bd3e5b3f
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
ef4cc058c6834333c9eefe4308e7902df6612c918a142d76747c27c931d4230b
ef5cb5659851cb365a92732c1140de8ec3c208ce097dcb641fef73c996959f32
f00f0db75a38bc7dc4d3f22d22dd27342a2be43763699d35423ea4a22f352b89
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
f232eb973c7f9998919c06ad4025e8b07c6d7fbcccfc512c19e933d9b5d639ea
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4b4589b103abc2c0fe755e676cf1570cba3572199e289a3ce6bb9cb5922534a
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70a3567a3625b1c6c58da5afae02b72aa417f99508d3a6365f5f69025cf0fc1
f724cb79da22169a8630f7fe6965f5767a7d9dffdf392aaad7a5987536aa8314
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
fe04893d1202c74bdec4137a3d8b54fb7305bb99dead994d317184154b8c4b34