mgoblue.com Open in urlscan Pro
74.205.81.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mgoblue.com/
Effective URL:
https://mgoblue.com/
Submission: On January 22 via api (January 22nd 2022, 11:03:56 pm UTC) from SG — Scanned from DE

Summary HTTP 257 Redirects Links 91 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 45 domains to perform 257 HTTP transactions. The main IP is 74.205.81.134, located in United States and belongs to RMH-14, US. The main domain is mgoblue.com. The Cisco Umbrella rank of the primary domain is 323256.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on January 10th 2022. Valid for: 9 months.

This is the only time mgoblue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 24	74.205.81.134 74.205.81.134	33070 (RMH-14) (RMH-14)
7	18.66.248.121 18.66.248.121	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:e800:4:cc99:4000:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
46	18.66.242.5 18.66.242.5	16509 (AMAZON-02) (AMAZON-02)
1	206.225.86.85 206.225.86.85	18501 (CODERO-DFW) (CODERO-DFW)
1 5	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4 10	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	52.217.45.52 52.217.45.52	16509 (AMAZON-02) (AMAZON-02)
4	174.143.40.29 174.143.40.29	33070 (RMH-14) (RMH-14)
8	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:1994	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
6	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
9	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	54.205.207.71 54.205.207.71	14618 (AMAZON-AES) (AMAZON-AES)
3 6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6	52.50.214.249 52.50.214.249	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.177.23.252 35.177.23.252	16509 (AMAZON-02) (AMAZON-02)
1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f23... 2a03:2880:f234:c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	3.5.0.189 3.5.0.189	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.208.177 52.218.208.177	16509 (AMAZON-02) (AMAZON-02)
2 7	2600:9000:206... 2600:9000:206f:7200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
13 16	54.228.17.128 54.228.17.128	16509 (AMAZON-02) (AMAZON-02)
1 2	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.156.69.231 35.156.69.231	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.184.217.227 18.184.217.227	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
257	60

24 74.205.81.134 (United States) 2 redirects

ASN33070 (RMH-14, US)

mgoblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.248.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-121.dus51.r.cloudfront.net

dbukjj6eu5tsf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:e800:4:cc99:4000:93a1 (United States)

ASN16509 (AMAZON-02, US)

fonts.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 18.66.242.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-5.dus51.r.cloudfront.net

d4njeax0ev936.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.225.86.85 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 206-225-86-85.dedicated.codero.net

static.mgoblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.157.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

5189721.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8277843.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.45.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sidearm-syndication.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.143.40.29 (United States)

ASN33070 (RMH-14, US)

statcollector.sidearmsports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1994 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.205.207.71 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-207-71.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.50.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.23.252 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-23-252.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f234:c5:face:b00c:0:43fe (Dallas, United States)

ASN32934 (FACEBOOK, US)

scontent-dfw5-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.0.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.208.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

fan-gtm-dev.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:206f:7200:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.228.17.128 (Dublin, Ireland) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.69.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.217.227 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-217-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.62 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	cloudfront.net dbukjj6eu5tsf.cloudfront.net d4njeax0ev936.cloudfront.net	4 MB
31	doubleclick.net 7 redirects 5189721.fls.doubleclick.net — Cisco Umbrella Rank: 656232 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 8277843.fls.doubleclick.net — Cisco Umbrella Rank: 565223 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 pubads.g.doubleclick.net — Cisco Umbrella Rank: 462	161 KB
25	mgoblue.com 2 redirects mgoblue.com — Cisco Umbrella Rank: 323256 static.mgoblue.com — Cisco Umbrella Rank: 592956	95 KB
23	adroll.com 15 redirects s.adroll.com — Cisco Umbrella Rank: 2604 d.adroll.com — Cisco Umbrella Rank: 1561	29 KB
18	krxd.net 3 redirects cdn.krxd.net — Cisco Umbrella Rank: 1256 consumer.krxd.net — Cisco Umbrella Rank: 1549 usermatch.krxd.net — Cisco Umbrella Rank: 1214 beacon.krxd.net — Cisco Umbrella Rank: 408	179 KB
16	googlesyndication.com 2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124 pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	222 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13 analytics.google.com — Cisco Umbrella Rank: 1062	3 KB
10	sidearmsports.com fonts.sidearmsports.com — Cisco Umbrella Rank: 27613 images.sidearmsports.com — Cisco Umbrella Rank: 61705 statcollector.sidearmsports.com — Cisco Umbrella Rank: 24639	86 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	966 B
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	54 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	512 KB
7	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 5557 adservice.google.de — Cisco Umbrella Rank: 8028	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1498 d.clarity.ms — Cisco Umbrella Rank: 2246 c.clarity.ms — Cisco Umbrella Rank: 917	25 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	309 KB
5	cdninstagram.com scontent-dfw5-1.cdninstagram.com — Cisco Umbrella Rank: 6586	1 MB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	139 KB
4	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 624 match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
4	gstatic.com fonts.gstatic.com	79 KB
3	amazonaws.com sidearm-syndication.s3.amazonaws.com — Cisco Umbrella Rank: 30641 s3.amazonaws.com fan-gtm-dev.s3-us-west-2.amazonaws.com — Cisco Umbrella Rank: 192024	15 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	738 B
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	520 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	2 KB
2	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 5621	1 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	460 B
2	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 510	1 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2008
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 359	274 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 913	446 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 969	222 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1032	548 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 758	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 312	239 B
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 668	5 KB
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2638	358 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1497	72 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 442	22 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 273	554 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1711	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
0	ixiaa.com Failed kr.ixiaa.com Failed
257	45

	Domain	Requested by
46	d4njeax0ev936.cloudfront.net	mgoblue.com d4njeax0ev936.cloudfront.net
24	mgoblue.com	2 redirects mgoblue.com cdnjs.cloudflare.com dbukjj6eu5tsf.cloudfront.net
16	d.adroll.com	13 redirects s.adroll.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mgoblue.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
9	www.facebook.com	mgoblue.com 8277843.fls.doubleclick.net
9	cdnjs.cloudflare.com	mgoblue.com cdnjs.cloudflare.com
8	connect.facebook.net	mgoblue.com connect.facebook.net 8277843.fls.doubleclick.net
7	s.adroll.com	2 redirects mgoblue.com s.adroll.com
7	www.google.com	mgoblue.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	8277843.fls.doubleclick.net	3 redirects www.googletagmanager.com mgoblue.com cdnjs.cloudflare.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	beacon.krxd.net	mgoblue.com cdn.krxd.net
6	cdn.krxd.net	mgoblue.com cdn.krxd.net
6	www.google-analytics.com	mgoblue.com www.google-analytics.com
6	www.googletagmanager.com	mgoblue.com www.googletagmanager.com
5	scontent-dfw5-1.cdninstagram.com	mgoblue.com
5	www.google.de	mgoblue.com
5	adservice.google.com	5189721.fls.doubleclick.net 8277843.fls.doubleclick.net securepubads.g.doubleclick.net
5	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
5	sb.scorecardresearch.com	1 redirects mgoblue.com
5	dbukjj6eu5tsf.cloudfront.net	mgoblue.com cdnjs.cloudflare.com
4	www.googletagservices.com	dbukjj6eu5tsf.cloudfront.net securepubads.g.doubleclick.net
4	d.clarity.ms	www.clarity.ms d.clarity.ms
4	statcollector.sidearmsports.com	dbukjj6eu5tsf.cloudfront.net statcollector.sidearmsports.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.sidearmsports.com	mgoblue.com fonts.sidearmsports.com
3	cm.g.doubleclick.net	3 redirects
3	usermatch.krxd.net	3 redirects
3	consumer.krxd.net	cdn.krxd.net
3	5189721.fls.doubleclick.net	1 redirects cdnjs.cloudflare.com adservice.google.com
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	pixel.advertising.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	tag.yieldoptimizer.com	1 redirects mgoblue.com
2	idsync.rlcdn.com	mgoblue.com
2	match.adsrvr.org	2 redirects
2	stags.bluekai.com	1 redirects 5189721.fls.doubleclick.net
2	c.clarity.ms	1 redirects mgoblue.com
2	insight.adsrvr.org	8277843.fls.doubleclick.net
2	adservice.google.de	1 redirects securepubads.g.doubleclick.net
2	analytics.google.com	www.googletagmanager.com
2	images.sidearmsports.com	mgoblue.com
2	script.crazyegg.com	mgoblue.com
1	us-u.openx.net
1	ads.yahoo.com
1	sync.taboola.com
1	image2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	pubads.g.doubleclick.net	cdnjs.cloudflare.com
1	fan-gtm-dev.s3-us-west-2.amazonaws.com	www.googletagmanager.com
1	2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s3.amazonaws.com	d4njeax0ev936.cloudfront.net
1	pbs.twimg.com	mgoblue.com
1	fei.pro-market.net	1 redirects
1	global.ib-ibi.com	mgoblue.com
1	aa.agkn.com	mgoblue.com
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.clarity.ms	mgoblue.com
1	sidearm-syndication.s3.amazonaws.com	cdnjs.cloudflare.com
1	www.googleoptimize.com	mgoblue.com
1	static.mgoblue.com	mgoblue.com
1	fonts.googleapis.com	mgoblue.com
0	kr.ixiaa.com Failed	mgoblue.com
257	69

This site contains links to these domains. Also see Links.

Domain
www.foxsports.com
gophersports.com
pac-12.com
www.thefosh.net
www.cbssports.com
stats.statbroadcast.com
www.bigtenplus.com
www.trackwrestling.com
sidearmstats.com
mgoblue.evenue.net
camps.mgoblue.com
www.thisismichigan.com
support.mgoblue.com
tailgateguys.com
www.stubhub.com
www.mgoblue.com
btn.com
macc.ath.umich.edu
eventteam.ath.umich.edu
facilityrentals.ath.umich.edu
www.mden.com
michiganphotostore.photoshelter.com
imgproducts.net
www.instagram.com
twitter.com
www.umich.edu
www.ncaa.com
bigten.org
www.learfield.com
sidearmsports.com
www.sidearmsports.com

Subject Issuer	Validity	Valid
lb04.sidearmsports.com Starfield Secure Certificate Authority - G2	`2022-01-10` - `2022-10-10`	9 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.sidearmsports.com Amazon	`2021-04-26` - `2022-05-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static.mgoblue.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-01` - `2022-01-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-03-08`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://mgoblue.com/
Frame ID: 468AC82FC17A38429C8BED76A0CB18B6
Requests: 190 HTTP requests in this frame

Frame: https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571
Frame ID: 53979802AD41417A181F8F27556C76CD
Requests: 1 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.pageview%7Call.pageview&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628225
Frame ID: 4E936062517B8E0E5926DC49B16C2125
Requests: 2 HTTP requests in this frame

Frame: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.active%7Call.active&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628237
Frame ID: EC02BAFD212BEB695367A63391D6FD73
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/
Frame ID: ACC54AFDE5D0F9854339323323720FA2
Requests: 1 HTTP requests in this frame

Frame: https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F
Frame ID: DB61081279856C9A11F00AB5F0AC7714
Requests: 6 HTTP requests in this frame

Frame: https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719
Frame ID: ECC59E1827AF20E362280A73494DCCF6
Requests: 8 HTTP requests in this frame

Frame: https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275
Frame ID: 171B55852B6FB64F7AF581435E033652
Requests: 2 HTTP requests in this frame

Frame: https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/
Frame ID: 2CD668CBE3F9D02C4518E4F3C7877819
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 315E09F5695966D495169427F1393D5F
Requests: 15 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/39812?ret=html&limit=10&phint=pctx%3Dmich_home
Frame ID: 50111377EFFBA81E7FC40AAA4ACF8E87
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C3CF8523518AC68045A67EB10D16B65B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 75C2FF8827B2A371D938DD46E3D43B95
Requests: 1 HTTP requests in this frame

Frame: https://2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA31ACC84CF308777533F5DA4DC4B064
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfLYNKRZQGTEAQ_imWeD9M064Kn0HoYLBhvWX4LidSpUE98i-hOoZQgmA6vbin-myDYO_oqryn1UcrlBnATZ6aQ3crY8xzrlsK4FueIAanwIqziFxJEUoU5__YrUQoPAxhDiWvaC0ePxBcg5uc_oHo_mgvT_jC8UdVtoaF2Ny-RZLo89ksWMlH-eJhcwXnnkpqjQJsJBRsZBjiTkJ59vMafdIT4xWlypmSa4ldSUF__8SxzQegsYFvEFA67z965IFRttPtHvVjUcsQdv6Rjqa0FueqSp2siEgm43NqKvwK&sig=Cg0ArKJSzF_KPtqYh5WSEAE&uach_m=[UACH]&adurl=
Frame ID: 441BD34E5481FFFCA82A9C3D91E7429B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudMxOsRVSTNiR42qkf_qb_LPDPrcRO0FgIEAz-5dUNj4xZYQeTTK62YcMdV8nZEyeiA4Y01YzBlNlHUWam7P3MxW9EMYXWWn4V1PdnciBz5_eDCFoJk98pmdOZ4jgGsezKp3kTaTjmAazmnDP29o_DUbDU_jPOOZprWA2iX_MC-gLWfzfgsvZzEd6AgWdQgjvYKkkkSfkUXoWMcldltkvSisM5M6p4hvDTqGSdEfE19jRPCT8JupOtEQ8HeNmCgF0cFau8WGl4B0YMKVazMA8MLHblF_t_U6NV8QM-dZfG&sig=Cg0ArKJSzAGqKQLAIoCGEAE&uach_m=[UACH]&adurl=
Frame ID: 01CE23EC92FB0AF1A8B1C12644B39CE3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1dknjqT2e0xJsJCCvjCYiaxJ9l7GHR3LwAECJXn43gyUB2XctKKhgWQQsr9D5vtqZzPcnlcHz5cl8-X__jqj8WLQleta2UzV7wDm5PYVeww2iIm6LSNfcBfVuuqiGWSjfRbRrzh6X7TUNwffEgtFOS7rlqCWkXa66qfkfhG2Bm3r2X62AU9fCIjxlEG6NWNJ1zl43V-mzCVhJpSmCIGaEHfr5wWgIDjQCRg5I8G6JSR-jKJ9CgdEgWc4HU6Mk5Cwsjkj85jtUpSWukKD7gNnjRw9IzxEVg8WhmeYzsOcB&sig=Cg0ArKJSzLOeqiQJqNJYEAE&uach_m=[UACH]&adurl=
Frame ID: 79B0DBC6C546F3920EDBEE050F1FEF91
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01E69DA64517B51E8A74B96667ACB564
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97F3232802EBE8234FCDECCE2EFADC05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

University of Michigan Athletics - Official Athletics Website

Page URL History Show full URLs

http://mgoblue.com/ HTTP 301
https://mgoblue.com/ Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

257
Requests

90 %
HTTPS

43 %
IPv6

45
Domains

69
Subdomains

60
IPs

6
Countries

7124 kB
Transfer

12442 kB
Size

61
Cookies

91 Outgoing links

These are links going to different origins than the main page.

URL: https://www.foxsports.com/live/btn
Title: Live video for Ice Hockey at #11 Minnesota on January 22, 2022

Search URL Search Domain Scan URL

URL: https://gophersports.com/sidearmstats/mhockey/summary
Title: Live stats for Ice Hockey at #11 Minnesota on January 22, 2022

Search URL Search Domain Scan URL

URL: https://pac-12.com/live/arizona-state-university
Title: Live video for Water Polo at #4 Arizona State on January 23, 2022

Search URL Search Domain Scan URL

URL: https://www.thefosh.net/live/12129
Title: Live stats for Water Polo at #4 Arizona State on January 23, 2022

Search URL Search Domain Scan URL

URL: https://www.cbssports.com/college-basketball/cbk-live/
Title: Live video for Men's Basketball at Indiana on January 23, 2022

Search URL Search Domain Scan URL

URL: http://stats.statbroadcast.com/statmonitr/?id=369130
Title: Live stats for Men's Basketball at Indiana on January 23, 2022

Search URL Search Domain Scan URL

URL: https://www.thefosh.net/live/12131
Title: Live stats for Water Polo vs #10 Fresno State on January 23, 2022

Search URL Search Domain Scan URL

URL: https://www.bigtenplus.com/en-int/playerpage/1170769
Title: Live video for Wrestling vs #14 Rutgers on January 23, 2022

Search URL Search Domain Scan URL

URL: https://www.trackwrestling.com/tw/seasons/LoadBalance.jsp?seasonId=1207109135&pageName=DualMatches.jsp&dualId=6221803132
Title: Live stats for Wrestling vs #14 Rutgers on January 23, 2022

Search URL Search Domain Scan URL

URL: http://sidearmstats.com/minnesota/wgym/
Title: Live stats for Women's Gymnastics at Minnesota on January 24, 2022

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=F&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebFBLTicketDropdown&RDAT=FBL
Title: Football

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=B&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBKMTicketDropdown&RDAT=BKM
Title: Men's Basketball

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBKWTicketDropdown&RDAT=BKW
Title: Women's Basketball

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=H&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebIHMTicketDropdown&RDAT=IHM
Title: Ice Hockey

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=BB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBSBTicketDropdown&RDAT=BSB
Title: Baseball

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=SB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSFBTicketDropdown&RDAT=SFB
Title: Softball

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WG&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebGMWTicketDropdown&RDAT=GMW
Title: Women's Gymnastics

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=ML&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebLXMTicketDropdown&RDAT=LXM
Title: Men's Lacrosse

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=MS&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSOMTicketDropdown&RDAT=SOM
Title: Men's Soccer

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WS&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSOWTicketDropdown&RDAT=SOW
Title: Women's Soccer

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=V&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebVBWTicketDropdown&RDAT=VBW
Title: Volleyball

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=W&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebWRMTicketDropdown&RDAT=WRM
Title: Wrestling

Search URL Search Domain Scan URL

URL: https://camps.mgoblue.com/
Title: Camps & Clinics

Search URL Search Domain Scan URL

URL: http://www.thisismichigan.com/
Title: Info for Recruits

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=BB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBSBTicketBuyNav&RDAT=BSB
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=B&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBKMTicketBuyNav&RDAT=BKM
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebBKWTicketBuyNav&RDAT=BKW
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=F&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebFBLTicketBuyNav&RDAT=FBL
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WG&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebGMWTicketBuyNav&RDAT=GMW
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=H&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebIHMTicketBuyNav&RDAT=IHM
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=ML&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebLXMTicketBuyNav&RDAT=LXM
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=MS&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSOMTicketBuyNav&RDAT=SOM
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=WS&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSOWTicketBuyNav&RDAT=SOW
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=SB&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebSFBTicketBuyNav&RDAT=SFB
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=V&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebVBWTicketBuyNav&RDAT=VBW
Title: Buy

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=W&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=WebWRMTicketBuyNav&RDAT=WRM
Title: Buy

Search URL Search Domain Scan URL

URL: https://support.mgoblue.com/sports/2019/2/13/premium-seating-2.aspx#Football%20Premium%20Seating
Title: Michigan Stadium

Search URL Search Domain Scan URL

URL: https://support.mgoblue.com/sports/2019/2/13/premium-seating-2.aspx#Men's%20Basketball%20Premium%20Seating
Title: Crisler Center

Search URL Search Domain Scan URL

URL: https://support.mgoblue.com/sports/2019/2/13/premium-seating-2.aspx#Premium%20Seat%20Exchange
Title: Premium Seat Exchange

Search URL Search Domain Scan URL

URL: http://tailgateguys.com/home/michigan?utm_source=Text_Link&utm_medium=Michigan&utm_campaign=Ticket_dropdown&utm_content=hospitality
Title: Football Reserved Tailgating

Search URL Search Domain Scan URL

URL: https://www.stubhub.com/michigan-wolverines-tickets/grouping/227747/?gcid=chPRT-_-geoUS-_-vnMICHIGAN-_-genNCAAF-_-cmNCAAREGSEASON-_-srcTEXTLINK
Title: StubHub: Buy or Sell Tickets

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/GetApps?linkID=umichse&RSRC=&RDAT=&linkSource=SR&caller=appList&_ga=2.261318861.1187849799.1498309791-935369138.1498309789
Title: Season Renewals

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/EVExecMacro?linkID=umichse&evm=myac&entry=DPFundDetails.html&url=https%3A//mgoblue.evenue.net/cgi-bin/ncommerce3/DPLanding%3FlinkID%3Dumichse&RSRC=&RDAT=&_ga=2.22243707.1187849799.1498309791-935369138.1498309789
Title: PSC Renewals

Search URL Search Domain Scan URL

URL: http://www.mgoblue.com/watch/
Title: MGoBlueTV

Search URL Search Domain Scan URL

URL: http://btn.com/about/btn-channelfinder/
Title: BTN Channel Finder

Search URL Search Domain Scan URL

URL: http://btn.com/about/hotels-with-btn/
Title: Hotels with BTN

Search URL Search Domain Scan URL

URL: http://macc.ath.umich.edu/
Title: Career Center

Search URL Search Domain Scan URL

URL: http://support.mgoblue.com/
Title: Development

Search URL Search Domain Scan URL

URL: http://eventteam.ath.umich.edu/
Title: Event Team

Search URL Search Domain Scan URL

URL: http://facilityrentals.ath.umich.edu/
Title: Special Events

Search URL Search Domain Scan URL

URL: http://facilityrentals.ath.umich.edu/index.php/facility-tours/
Title: Facility Tours

Search URL Search Domain Scan URL

URL: https://tailgateguys.com/home/michigan?utm_source=Text_Link&utm_medium=Michigan&utm_campaign=Gameday_Page
Title: Reserved Tailgating

Search URL Search Domain Scan URL

URL: http://www.mden.com/
Title: Official Team Store

Search URL Search Domain Scan URL

URL: http://michiganphotostore.photoshelter.com/
Title: Photo Store

Search URL Search Domain Scan URL

URL: https://www.mden.com/
Title: The M Den Home Page

Search URL Search Domain Scan URL

URL: https://www.mden.com/new-arrivals.html#1
Title: New Arrivals

Search URL Search Domain Scan URL

URL: https://www.mden.com/nike-jerseys.html#1
Title: Nike Jerseys

Search URL Search Domain Scan URL

URL: https://www.mden.com/jordan-brand.html#1Jor
Title: Jordan Brand Clothing

Search URL Search Domain Scan URL

URL: https://www.mden.com/proudbox.html
Title: ProudBox Subscriptions

Search URL Search Domain Scan URL

URL: https://www.mden.com/vc-index.html
Title: The Victors Collection

Search URL Search Domain Scan URL

URL: http://mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList?groupCode=GS&linkID=umichse&shopperContext=&caller=&appCode=&RSRC=nav&RDAT=shop&_ga=2.211881744.56425418.1495116919-1870179246.1493321050
Title: Buy Tickets Online

Search URL Search Domain Scan URL

URL: https://imgproducts.net/collections/michigan
Title: Publications

Search URL Search Domain Scan URL

URL: https://mgoblue.evenue.net/cgi-bin/ncommerce3/EVExecMacro?linkID=umichse&evm=myac&entry=DisplayGroupList.html&url=https%3A//mgoblue.evenue.net/cgi-bin/ncommerce3/SEGetGroupList%3FgroupCode%3DGS%26linkID%3Dumichse%26shopperContext%3D%26caller%3D%26appCode%3D
Title: Ticket Login

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CZALEPOL7mj/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CY5fZqoM-Ux/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CY5Ao27rbHs/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CY4CYncsiIl/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CY1_OvdPxj2/

Search URL Search Domain Scan URL

URL: https://twitter.com/UMichAthletics
Title: @UMichAthletics

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1484946690952122377
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1484946690952122377
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/favorite?tweet_id=1484946690952122377
Title: Favorite

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1484907248967163905
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1484907248967163905
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/favorite?tweet_id=1484907248967163905
Title: Favorite

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1484907214246748163
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1484907214246748163
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/favorite?tweet_id=1484907214246748163
Title: Favorite

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?in_reply_to=1484711168866496512
Title: Reply

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/retweet?tweet_id=1484711168866496512
Title: Retweet

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/favorite?tweet_id=1484711168866496512
Title: Favorite

Search URL Search Domain Scan URL

URL: https://www.umich.edu/

Search URL Search Domain Scan URL

URL: http://www.ncaa.com/

Search URL Search Domain Scan URL

URL: http://bigten.org/

Search URL Search Domain Scan URL

URL: http://btn.com/

Search URL Search Domain Scan URL

URL: https://www.learfield.com/partner/michigan-sports-properties/

Search URL Search Domain Scan URL

URL: http://sidearmsports.com/

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/privacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sidearmsports.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://www.cbssports.com/
Title: Video Platform powered by CBS Sports

Search URL Search Domain Scan URL

URL: http://www.sidearmsports.com/blockers
Title: Learn More About Ad Blockers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mgoblue.com/ HTTP 301
https://mgoblue.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9=

Request Chain 32

https://5189721.fls.doubleclick.net/activityi;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571 HTTP 302
https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571

Request Chain 63

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F HTTP 302
https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F

Request Chain 66

https://mgoblue.com/services/socialize.ashx/users/me HTTP 302
https://mgoblue.com/sorry.ashx

Request Chain 75

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719 HTTP 302
https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719

Request Chain 76

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275 HTTP 302
https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275

Request Chain 90

https://adservice.google.de/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/ HTTP 302
https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/

Request Chain 114

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&RedC=c.clarity.ms&MXFR=26F91670034B6DB402270744074B63D9 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&MUID=3F98EED6D980657E3452FFE2D8EB6420

Request Chain 119

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T25pQ3JTTUs HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T25pQ3JTTUs HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1

Request Chain 121

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OniCrSMK&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OniCrSMK&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=a549e39d-c979-408d-a772-dbadf3aab451

Request Chain 123

https://stags.bluekai.com/site/26357?id=OniCrSMK&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOniCrSMK%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OniCrSMK&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 125

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OniCrSMK

Request Chain 128

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OniCrSMK HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=2156166975331058319

Request Chain 129

https://usermatch.krxd.net/um/v2?partner=adara HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=OniCrSMK HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=787720556&t=s&p=2818&uid=OniCrSMK

Request Chain 226

https://s.adroll.com/j/exp/HLZE36KS75DE7K4FCCRIGK/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 227

https://s.adroll.com/j/pre/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 239

https://d.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&pv=92024034436.64215&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/VVHZAYZ36JEKLOAZEQPQVH.js

Request Chain 244

https://d.adroll.com/cm/index/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631&C=1

Request Chain 245

https://d.adroll.com/cm/n/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expires=365

Request Chain 246

https://d.adroll.com/cm/onevideo/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 247

https://d.adroll.com/cm/outbrain/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

Request Chain 248

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 249

https://d.adroll.com/cm/taboola/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

Request Chain 250

https://d.adroll.com/cm/triplelift/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 251

https://d.adroll.com/cm/r/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 252

https://d.adroll.com/cm/b/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

Request Chain 253

https://d.adroll.com/cm/x/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

Request Chain 255

https://d.adroll.com/cm/o/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2015a1657a7ed8690ac03387ea57a0c7

Request Chain 256

https://d.adroll.com/cm/g/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK&google_nid=adroll2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IBWhZXp-2GkKwDOH6legxw HTTP 302
https://d.adroll.com/cm/g/in

257 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mgoblue.com/
Redirect Chain

http://mgoblue.com/
https://mgoblue.com/

1 MB
48 KB

526ms
149ms

Document
text/html

74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7674a0e94edc4d1d1b6c737707dc10f138b1abab50c4e738078c37c4a08bcd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=1562
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Expires: Sat, 22 Jan 2022 23:29:49 GMT
Last-Modified: Sat, 22 Jan 2022 22:59:49 GMT
Vary: *
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 22 Jan 2022 23:03:46 GMT
Content-Length: 48731

Redirect headers

Location: https://mgoblue.com/
Server: Microsoft-IIS/8.5
Strict-Transport-Security: max-age=0;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 22 Jan 2022 23:03:45 GMT
Content-Length: 0

GET
H2 200 main.1642517942691.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 119 KB
27 KB 61ms
12ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1642517942691.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a12f82693d094e1e8192ee9466dec6d9aef2342638e02366108a066fbd4f546

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 10:34:30 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 14:59:05 GMT
server: AmazonS3
age: 304158
etag: "9b6429bb882749591dd1d5c3f8a9cdf2"
x-cache: Hit from cloudfront
x-amz-version-id: muTNNZ.zJ.iQZFZ70zG9jWhSS.S8KNKI
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
content-length: 27083
x-amz-cf-id: AbLIFW3sWBdltJUovLVL_aIsWrYj8TCWWCDOehvCDYR9y7Y_MkiBWQ==
expires: Thu, 18 Jan 2024 14:59:02 GMT

GET
H2 200 sidearm_font_v2.css
fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/ 14 KB
3 KB 85ms
7ms Stylesheet
text/css 2600:9000:2057:e800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22aa5adb7ec9ec635bf5ea794b146c0ef2fc74e4849d6c36e2db99b1144cc700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:01:03 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 20:52:08 GMT
server: AmazonS3
age: 9450165
etag: "51f84a4d56570f38f0a95eab98731858"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3005
x-amz-cf-id: h5tDCgoyNJ5wfXC5hQRKoM-bRdYtn_-QaW9KJz3Sk515QT-o7mm37w==
expires: Wed, 16 Aug 2023 20:52:03 GMT

GET
H2 200 sidearm_font.css
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 11 KB
3 KB 85ms
7ms Stylesheet
text/css 2600:9000:2057:e800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 02:48:14 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
age: 8972134
etag: "1ad82ee377693ace7a947b0c66052a4d"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 2670
x-amz-cf-id: NMteOSh-y3FxKzjsZwtphjxUTO85aql4xfvQCrHp-8tEgwflCQHS4w==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 90 KB
29 KB 36ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5781904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29363
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoCgtQzuVcTkA3gl2vQOAkyHXF0RfkjtrHfiqdEUaPaH%2FnCId2pkYFil9By%2Fyxe2H%2FNKz25E9W7zK7t3YVPyU%2Fk9iawPsVfeC1BVccDle39C2sHqR3XN8DrLXQ50eAz3IPs6eJFGM%2BQ5HvhMAuxSPeCf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6ae87f6c8bed-FRA
expires: Thu, 12 Jan 2023 23:03:47 GMT

GET
H2 200 require.min.js Show response
cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/ 25 KB
8 KB 35ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6487161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7122
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-653e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GULAefcJ3Eq7n1v%2FNG86PQcLnrbTZOq2CKkqYBoZTnXcqdykp2Ud1qnkKQiwzimnTLhv4BpaS5E38EPxAm7k1u4XtPflBpzj74pBJw33COgc%2FfvNvAYAPhX%2FLBudpXGedDXVEYYGg0f9lDCZrmLutUUy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6ae87f6a8bed-FRA
expires: Thu, 12 Jan 2023 23:03:47 GMT

GET
H2 200 bundle.1623185959941.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/ 475 KB
136 KB 68ms
20ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df9dc60b9eb6c3b12435878476d534072616a4e0677c57c25b9ad3a7d6a8d08f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:22:55 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 20:59:25 GMT
server: AmazonS3
age: 5164853
etag: "755badebea710386655f939549133367"
x-cache: Hit from cloudfront
x-amz-version-id: vGHF.2fkmpHLhkO.ae7OsVyYgDLAytcP
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
content-length: 138581
x-amz-cf-id: VVGIPOVkYdQ8va0xYWe6oyeWuBx-ZoBZ6zO5ZQzmYXUkuYDtfmTn3g==
expires: Thu, 08 Jun 2023 20:59:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8020398b1dc9cc0167fb51f66970d7c03a3daa3018f250cfff6125545104e2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 23:03:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 22 Jan 2022 23:03:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jan 2022 23:03:47 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/ 1 KB
711 B 38ms
19ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.5.9/slick.min.css

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 104941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-4fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuDuNQ0rRtiSrW%2FvFgWnj%2Fc3guxNWqVfKYQTYg2QL1TH3x4ALrF%2FbPiRv6yiaUEjR%2F%2BAiYrTxnYlRzMpMLs74kKOGc46wykK30Ed2u%2BCLI4hlNu%2B8SOozR4ulP3w3XGMlo4OlnXOHwHfo9uTpafXeMfe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6ae87f688bed-FRA
expires: Thu, 12 Jan 2023 23:03:47 GMT

GET
H2 200 sidearm-responsive-grid.less
d4njeax0ev936.cloudfront.net/less/ 240 KB
21 KB 748ms
700ms Stylesheet
text/css 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d4njeax0ev936.cloudfront.net/less/sidearm-responsive-grid.less?_=637782714551261522

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

3cd7697e10174bd0398570f661196f97462595b780ea83614b43e8110fb462f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 21224
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jan 2022 10:32:47 GMT
server: Microsoft-IIS/8.5
date: Sat, 22 Jan 2022 23:03:46 GMT
vary: *
content-type: text/css; charset=utf-8
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
cache-control: public
etag: "w2a3jptwqL/gO0193npR///0HmUuvTbDF45UKabNS8c="
x-amz-cf-id: ojNMscPSb_Zg02uNAgjImd_hgln9MXrFoi5OildgjrCwN4nv7Z0_dA==
expires: Sat, 29 Jan 2022 12:37:47 GMT

GET
H2 200 site.less
d4njeax0ev936.cloudfront.net/site/ 145 KB
16 KB 443ms
395ms Stylesheet
text/css 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

6caae779093bfb5c06719ccff287d74525c29ca37b65db084a951741c3145e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 15560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 23:03:46 GMT
vary: *
content-type: text/css; charset=utf-8
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-id: odyny9yQQvrJPJdLhHNbK-dUPjZ-ug-y0SGkveKaWaU4rsMpZLcG6A==
expires: Sat, 29 Jan 2022 23:03:47 GMT

GET
H/1.1 200
OK mgo-17.css
static.mgoblue.com/custompages/css/ 30 KB
6 KB 625ms
148ms Stylesheet
text/css 206.225.86.85
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mgoblue.com/custompages/css/mgo-17.css
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 206.225.86.85 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 206-225-86-85.dedicated.codero.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 463ea082db429a843ae208a2e0d543cbd42a0a57a9ba0ce1edd062a06581aa32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 23:03:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 21:16:41 GMT
Server: Microsoft-IIS/8.5
ETag: "808296443ed81:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 6212

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 55ms
11ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 22 Jan 2022 04:29:51 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 66838
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: PRD124bCOV_8Qtwdsr6NFmyxgJ-TQRh1e64XT6S9MOEKhUArDPMVGg==

GET
H2 410 5118.js
script.crazyegg.com/pages/scripts/0072/ 0
0 53ms
18ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0072/5118.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Jan 2022 10:52:35 GMT
server: cloudflare
age: 43873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6d1c6aedae9d6931-FRA
content-length: 0

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 87 KB
35 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W9JD44W

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1648b37e1d500eace252c04de0d66bd8199220d6a3a74c5ea07705282bc70635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35136
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jan 2022 23:03:47 GMT

GET
H2 200 main_logo.png
d4njeax0ev936.cloudfront.net/images/ 16 KB
16 KB 14ms
13ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/main_logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

8ad1ab37490d1ec81984c695d4f8502c89214e9afcc934984917ff637f7e1f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4632013
x-cache: Hit from cloudfront
content-length: 16124
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Nov 2021 07:11:56 GMT
server: Microsoft-IIS/8.5
date: Tue, 30 Nov 2021 08:23:34 GMT
content-type: image/png
cache-control: public
etag: "74deff8eb9e5d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: _Gt9T_i_a1h-mCiWVXGxkg0yT2jp1sZGiVOrNFwM5dlTolL9D8-rqw==
expires: Mon, 28 Feb 2022 08:23:35 GMT

GET
H2 200 scroll_logo.png
d4njeax0ev936.cloudfront.net/images/ 2 KB
2 KB 11ms
11ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/scroll_logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

31d72edd138f6d74c65957bbdb1b807a6c246e59c8b6c42b1c9598bb75263d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 456832
x-cache: Hit from cloudfront
content-length: 1857
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 16:09:56 GMT
server: Microsoft-IIS/8.5
date: Mon, 17 Jan 2022 16:09:56 GMT
content-type: image/png
cache-control: public
etag: W/"92c35eabbcbd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 8ujEe8nBECZmwOyECtuqzh7OTklZGiA9uQS0ehhRRvdcDUAF7BLg6A==
expires: Sun, 17 Apr 2022 16:09:56 GMT

GET
H2 200 M_logo.png
d4njeax0ev936.cloudfront.net/images/ 2 KB
2 KB 11ms
11ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/M_logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

5325654d5b7a093152c503807aaf63438ea2b21693e2191b179e11f70b3259c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3909764
x-cache: Hit from cloudfront
content-length: 1907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Dec 2021 17:01:04 GMT
server: Microsoft-IIS/8.5
date: Wed, 08 Dec 2021 17:01:04 GMT
content-type: image/png
cache-control: public
etag: W/"278e802f55ecd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: ugpRWxnh0JntVXu128x45UH2a5YdSuRA3QPq4FXLp1TqCCoqUu7Qhg==
expires: Tue, 08 Mar 2022 17:01:04 GMT

GET
H/1.1 200
OK fan-experience.js Show response
mgoblue.com/site/ 17 KB
5 KB 125ms
125ms Script
application/javascript 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/site/fan-experience.js

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7b06061dc0fec7216425ccdda6a0b9e57faa07a2493e98d349e80e3d035df841

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 11 Jan 2021 20:24:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0e899ce57e8d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sat, 22 Jan 2022 23:03:47 GMT
Accept-Ranges: bytes
Content-Length: 4333
X-Content-Type-Options: nosniff

GET
H2 200 umich_logo_2018.png
d4njeax0ev936.cloudfront.net/images/2018/1/31/ 4 KB
4 KB 16ms
15ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2018/1/31/umich_logo_2018.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

a277eabe51d909ef812c7e7d07db58668bdda2cd027e21334f1c7727ff9f9893

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5150452
x-cache: Hit from cloudfront
content-length: 3952
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Nov 2021 08:22:56 GMT
server: Microsoft-IIS/10.0
date: Wed, 24 Nov 2021 08:22:55 GMT
content-type: image/png
cache-control: public
etag: W/"3821e67bce1d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: PzA5BG0ER78nwcpUNUt2UR3I3vkq-bzbL4EoKf3bAEyMFxA9fWLSZw==
expires: Tue, 22 Feb 2022 08:22:56 GMT

GET
H2 200 footer_ncaa.png
d4njeax0ev936.cloudfront.net/images/ 6 KB
7 KB 15ms
14ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/footer_ncaa.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

c4e0f02ed30c5d143324998bef099e91ab6b2ea83615dbe967d1b375f8d19b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 497126
x-cache: Hit from cloudfront
content-length: 6478
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 16 Jan 2022 20:48:14 GMT
server: Microsoft-IIS/10.0
date: Mon, 17 Jan 2022 04:58:21 GMT
content-type: image/png
cache-control: public
etag: "09bb8611abd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: o5gC4sqebB1mGIf_dlmAm7FjjMIqbHnW5nDNGub_bPR6fOnTeGk86w==
expires: Sun, 17 Apr 2022 04:58:22 GMT

GET
H2 200 footer_B10.png
d4njeax0ev936.cloudfront.net/images/ 6 KB
7 KB 14ms
13ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/footer_B10.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

b666b7df48fa32ce75fabe512746646a0c090ab72deb3d18ef06ff032da62459

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 456809
x-cache: Hit from cloudfront
content-length: 6622
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 16:10:19 GMT
server: Microsoft-IIS/8.5
date: Mon, 17 Jan 2022 16:10:18 GMT
content-type: image/png
cache-control: public
etag: W/"504725b9bcbd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: lgvgEiz1PMu2T1VkKun41-5oPJOMXxK7qGwcVVl1CYKHrOgMpH07zg==
expires: Sun, 17 Apr 2022 16:10:19 GMT

GET
H2 200 footer_BTN.png
d4njeax0ev936.cloudfront.net/images/ 4 KB
5 KB 16ms
15ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/footer_BTN.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

ce773c49893415c0005e1ee5a47b54d333f897c7fbbc9761f79f089fa1c947b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4632013
x-cache: Hit from cloudfront
content-length: 4386
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Nov 2021 07:11:56 GMT
server: Microsoft-IIS/8.5
date: Tue, 30 Nov 2021 08:23:34 GMT
content-type: image/png
cache-control: public
etag: "1ea2238fb9e5d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: RHUOU1Wg5yNJOb1JlBHidtyXam4QrXRcbFxhnYo1v9AjwPCOH9QzZQ==
expires: Mon, 28 Feb 2022 08:23:35 GMT

GET
H2 200 learfield_on-light.svg
images.sidearmsports.com/logos.sidearmsports.com/learfield/ 1 KB
2 KB 152ms
10ms Image
image/svg+xml 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.sidearmsports.com/logos.sidearmsports.com/learfield/learfield_on-light.svg
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f19d68699f455d1086778fe814e6e4baaa2f245a0948f891b2207a33db964668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 22:47:27 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
etag: "077650fabdaf6dcd0ff7f672008a9c1c"
last-modified: Tue, 27 Jul 2021 20:37:54 GMT
server: AmazonS3
age: 2825
x-amz-meta-cb-modifiedtime: Tue, 27 Jul 2021 20:37:44 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 1427
x-amz-cf-id: 28Nv_zcUDjWc2DpC8gpPZUeYPYanrHEj8G5lS-wYO1MSrrHh1BcYHQ==

GET
H2 200 sidearm-stacked_on-light.svg
images.sidearmsports.com/logos.sidearmsports.com/sidearm/ 9 KB
9 KB 155ms
13ms Image
image/svg+xml 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.sidearmsports.com/logos.sidearmsports.com/sidearm/sidearm-stacked_on-light.svg
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d1a3e107eeb4a2a7d18b52d992064b23953153727b6ddb96f1d1ccb08e42316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Tue, 27 Jul 2021 19:26:33 GMT
date: Sat, 22 Jan 2022 01:20:13 GMT
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 19:42:43 GMT
server: AmazonS3
age: 78216
etag: "eae9a94e3a7971c5822ccf90482b9924"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 8710
x-amz-cf-id: 2B6hgZi412_DuKODm8lJJYYRBqYMuyNst-3q2x2NIEWnrGrWDgWkoA==

GET
H2 200 site.png
d4njeax0ev936.cloudfront.net/images/logos/site/ 2 KB
2 KB 14ms
13ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/site/site.png?width=48

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

f1673bf0bf96beadb44a6e33fb1b5b80e7bb846809b437121b28cac04e9b77f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4011666
x-cache: Hit from cloudfront
content-length: 1649
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 08:39:03 GMT
server: Microsoft-IIS/10.0
date: Tue, 07 Dec 2021 12:42:41 GMT
content-type: image/png
cache-control: public
etag: "da2ce2e345ebd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: e9pUEsGtGzgsL6A8dJNIiOZZjibYR9aw3RBwbqqZcsrZQ7bkVoZEAg==
expires: Mon, 07 Mar 2022 12:42:42 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9=

0
225 B

15ms
15ms

Image
text/plain

108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9=
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: KVPKU4D5U0ZmCmSPPdivHQcNvQlX_PoDFDM7bbs4VwhEY_ATgNkL-Q==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1642892628065&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fmgoblue.com%2F&c9=
content-length: 151
x-amz-cf-id: CamXh2u4iGhTFFo_NjpRfslLJqdsPBNTFCHmbBF1_Gd5yDa2zHyRQg==

GET
H2 410 5118.js
script.crazyegg.com/pages/scripts/0072/ 0
0 15ms
15ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0072/5118.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Jan 2022 10:52:35 GMT
server: cloudflare
age: 43873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6d1c6aedef316931-FRA
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
55 KB 55ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGF5BMK

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a8527ed1ffc88202b0e2869583c0f46662a781fa28dd8cbc2223ffe99604053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55771
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
43 KB 41ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3TH4CC

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d228a34e4f2e24477626624c350fc1999792ac4c1c37ebe80ac0e0eeb7670a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43733
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
38 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW6R675

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d99d7520ae7e2fd8b3dc282353fbb8bf15d3c5b03b48c9990631d171fc944df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38719
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
51 KB 56ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NFNZ5

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3cdf87f0c17b7d7432c622f2ce5aae47e4da5cb0de501e0f623cd60f9c4a6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52198
x-xss-protection: 0
last-modified: Sat, 22 Jan 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3536
date: Sat, 22 Jan 2022 22:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 23 Jan 2022 00:04:52 GMT

GET
H3

200

activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571 Show response
5189721.fls.doubleclick.net/ Frame 5397
Redirect Chain

https://5189721.fls.doubleclick.net/activityi;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571?
https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571?

485 B
401 B

33ms
18ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

9a5b5e4cc321d85d04fd9c8b410a8e911a2518c92e4a43ffad3c668b4d02d473

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 376
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 277649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 120240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 21 Jan 2023 13:39:48 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
338 B 15ms
14ms Image
text/plain 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19291688&ns__t=1642892628182&ns_c=UTF-8&cv=3.5&c8=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&c7=https%3A%2F%2Fmgoblue.com%2F&c9=
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: k6V0gZIiYR98I54qtI2Fv0ztekSU4Ex05CpypPJLEqvqj_IfcL0OUg==
x-cache: Miss from cloudfront

GET
H2 200 knockout-fast-foreach.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 7 KB
7 KB 234ms
231ms Script
application/x-javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/knockout-fast-foreach.min.js?bust=637765667896571572
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Tue, 16 May 2017 21:35:03 GMT
date: Sat, 22 Jan 2022 23:03:49 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Nov 2018 22:42:47 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "7d4c22c0f7e7c7eff721fadb17e18645"
x-cache: Miss from cloudfront
x-amz-version-id: lKr3ANDj088p2nhHUmVOIYlNf8.eSZsC
accept-ranges: bytes
content-type: application/x-javascript
content-length: 7184
x-amz-cf-id: -hX2DXCpnwOcmUbp4LXUXHUTzFzCdugNmqUzqvE9_nRn_IeTSmsxhA==
expires: Thu Nov 11 2021 00:00:00 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 17ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1486785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5303
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrlKY8W3K45H1RMGiL2SIluaBe%2FhN6O4tthiyW4rN2ed0F%2FJul6c3IyaemfmDX0xeq8oSWMbPdnqpNMYG3AzFx36c9p7v2%2F8PnUZfV%2BS%2BEJUPXtKMisvzbRCs5t8r07eiq6iGeb3oHlFku%2BLk4k2q4cn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6aee4b848bed-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H/1.1 200
OK cbs-surround.js Show response
mgoblue.com/common/ts/dist/ 9 KB
3 KB 125ms
125ms Script
application/javascript 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/common/ts/dist/cbs-surround.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 20 Jan 2022 10:01:13 GMT
Server: Microsoft-IIS/10.0
ETag: "807a4a8e4dd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sat, 22 Jan 2022 23:03:47 GMT
Accept-Ranges: bytes
Content-Length: 2280
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK header-bidding-wrapper.bundle.js Show response
sidearm-syndication.s3.amazonaws.com/prod/ 4 KB
2 KB 443ms
112ms Script
application/javascript 52.217.45.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sidearm-syndication.s3.amazonaws.com/prod/header-bidding-wrapper.bundle.js?bust=637765667896571572
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.45.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9dcc2645a16e5d73a567d092634a84efd25429916a7e8e0725364afe3a9fe68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 23:03:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 18:07:41 GMT
Server: AmazonS3
x-amz-request-id: FN9G2JPBTJX384X2
ETag: "cdcb6419fd5882ec9a677b357d7c729b"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1842
x-amz-id-2: geBxdXoH3yOYhPMEhglC1XuWEGP0gdmS2GM0q9LZEv3XbDRAHvkGAN8g1TYkpUbT9hG7x84mkw4=

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame 4E93 7 KB
2 KB 431ms
129ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.pageview%7Call.pageview&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628225
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
accept-ranges: bytes
etag: "0568a3ac67d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 23:03:47 GMT
content-length: 1782

GET
H2 200 pixel.html Show response
statcollector.sidearmsports.com/services/ Frame EC02 7 KB
2 KB 431ms
130ms Document
text/html 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.active%7Call.active&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628237
Requested by: Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

cache-control: max-age=2592000
content-type: text/html
content-encoding: br
last-modified: Thu, 18 Oct 2018 17:58:52 GMT
accept-ranges: bytes
etag: "0568a3ac67d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 23:03:47 GMT
content-length: 1782

GET
H2 200 sidearm_font.woff2
fonts.sidearmsports.com/sidearm/2020-05-12-535576/ 25 KB
26 KB 30ms
9ms Font
font/woff2 2600:9000:2057:e800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.woff2?1790541
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6

Request headers

Referer: https://fonts.sidearmsports.com/sidearm/2020-05-12-535576/sidearm_font.css
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 05:34:39 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 9566950
x-cache: Hit from cloudfront
content-length: 25877
access-control-allow-origin: *
last-modified: Tue, 12 May 2020 20:42:55 GMT
server: AmazonS3
etag: "e2106beae2f5fdf4d1252ab2ab4b43a3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 8urq1tzvJS8OczLsf0BitumuiKszLybIz-907SWDiPmZrdQrg914Og==
expires: Thu, 12 May 2022 20:42:52 GMT

GET
H3 200 lazysizes-umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/ 7 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.5/lazysizes-umd.min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 180593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2847
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htt%2FTobkz4z3G7%2BsY1SjRxmPJ1ARyNzlLSfU19Q6XulzUSdJoY0gKzKCdOdEqSoqADIqdRG4e1PJPuQ8rFpG%2BSGDYhXwkFCILzkcP0eqg%2F72c5ruFKLyhr3alNkozrVY%2Fx44ggvZvU5DnHA3%2B%2BNWVUOh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6aeebb312b1e-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H3 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 80767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCGlFIyelARtEfkGSDCVm%2F50Z6FOogO4uZDluEE567YGaDgAa5SAkbxGCP3zB3ap%2B44UcrswRCJmrYNBC%2BI%2FXiPgmD%2F816lJ5n2dbOkl%2FdS00k6VPKnz1ElEFg7lLjQ16ixJ3dd3xNsPe%2FEp7LjHRYtL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6aeebb352b1e-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H2 200 sidearm.showcaseplayerembed.min.js Show response
dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/ 927 B
851 B 216ms
215ms Script
application/javascript 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/common/js/sidearm.showcaseplayerembed.min.js?bust=637765667896571572
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
last-modified: Fri, 19 Jul 2019 14:48:11 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "888c63df665817774a9931f08fcde5ef"
x-cache: Miss from cloudfront
x-amz-version-id: 0Xdf3vz0Gb9nfHFZTni0S4qUG5cVpsyc
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-type: application/javascript
content-length: 465
x-amz-cf-id: 5iI4wIUsy11XrQHhn1VbmWjqITVN4jgECA4kf6qRkW3CyTjBuAkOqA==

GET
H3 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
3 KB 20ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 229025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2101
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFS8g2OsCYLSM7giOMNn0BvPxdWK%2BAirshIauagDKeeEzc5toiTfhrJtpPooRVvr4%2B%2F6fvlcRX3ZPP848tYa%2BaJaE7JuNSVTLTNUi1kPiqwxCXGHJMosFmvA%2Fysoc39MdFHY3Zfn1k%2BZPPzUIFK2vWkY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6aeebb382b1e-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 22ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 22:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jan 2022 23:43:50 GMT

GET
H3 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 09:15:12 GMT
x-content-type-options: nosniff
age: 222516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 20 Jan 2023 09:15:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=87953647&t=pageview&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIhAAAAAC~&jid=1524965079&gjid=1097616445&cid=1263369283.1642892628&tid=UA-87580067-2&_gid=958779505.1642892628&_r=1&_slc=1&z=1555609448

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 378108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 14:02:00 GMT

GET
H2 200 video_bg.jpg
d4njeax0ev936.cloudfront.net/images/ 815 KB
817 KB 14ms
13ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/video_bg.jpg

Requested by

Host: d4njeax0ev936.cloudfront.net
URL: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

c749ab7e403ba88fa9ff8bf88caef49470791f06d32848532c45a7c526a65599

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6863566
x-cache: Hit from cloudfront
content-length: 834871
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Nov 2021 12:31:02 GMT
server: Microsoft-IIS/10.0
date: Thu, 04 Nov 2021 12:31:02 GMT
content-type: image/jpeg
cache-control: public
etag: W/"a5d284d477d1d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: hlUTdAaR9WcKGBoy7yLrB59_uwUUAXD0PP7QizagjlojrCYff_mN6g==
expires: Wed, 02 Feb 2022 12:31:02 GMT

GET
H2 200 my_goblue_bg.png
d4njeax0ev936.cloudfront.net/images/ 124 KB
124 KB 33ms
33ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/my_goblue_bg.png

Requested by

Host: d4njeax0ev936.cloudfront.net
URL: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

57626bad7bcd4d15f9c011820e49cce9be9bd1c2e37282e7202dea7412d87818

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5974416
x-cache: Hit from cloudfront
content-length: 126705
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 14 Nov 2021 19:29:23 GMT
server: Microsoft-IIS/10.0
date: Sun, 14 Nov 2021 19:30:12 GMT
content-type: image/png
cache-control: public
etag: "7ca0fbed8dd9d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: wTe4NGF80YH6X5soWiRSdG44-LH01c-WBc67jyIAzPEwN3vP2BWGqA==
expires: Sat, 12 Feb 2022 19:30:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=87953647&t=pageview&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAAC~&jid=1456135649&gjid=218697006&cid=1263369283.1642892628&tid=UA-180696617-1&_gid=958779505.1642892628&_r=1&gtm=2wg1j0K3TH4CC&cd1=2022-01-22T23%3A03%3A48%2B00%3A00&cd20=University%20of%20Michigan&cd21=DI&cd22=Big%20Ten&cd23=1344&cd24=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=LFIMGC&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-2&cd50=umichigan&cd53=frontpage&cd54=paciolan&cd55=east&cd56=SIDEARM&cd5=1263369283.1642892628&z=1877475294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 social_pattern_repeater.png
d4njeax0ev936.cloudfront.net/images/ 3 KB
4 KB 56ms
56ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/social_pattern_repeater.png

Requested by

Host: d4njeax0ev936.cloudfront.net
URL: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

66483d3df13722c6eaed672d5414278e3c38167a7e652e209a5d094fe4ae28d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4701535
x-cache: Hit from cloudfront
content-length: 3369
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Nov 2021 13:04:53 GMT
server: Microsoft-IIS/8.5
date: Mon, 29 Nov 2021 13:04:52 GMT
content-type: image/png
cache-control: public
etag: W/"82b1bb321e5d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: FcHDCJEsj9nUIvDho5DXOPmprUUKgKJfieGLobYNkrlzYlubHEFl5Q==
expires: Sun, 27 Feb 2022 13:04:53 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 39ms
39ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=87953647&t=pageview&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEIhAAAAAC~&jid=594176667&gjid=708907689&cid=1263369283.1642892628&tid=UA-180624321-2&_gid=958779505.1642892628&_r=1&gtm=2wg1j0TW6R675&cd1=2022-01-22T23%3A03%3A48%2B00%3A00&cd20=University%20of%20Michigan&cd21=DI&cd22=Big%20Ten&cd23=1344&cd24=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&cd25=home&cd26=1&cd27=LFIMGC&cd28=1&cd29=1&cd35=0&cd37=0&cd49=UA-180624321-2&cd50=umichigan&cd53=frontpage&cd54=paciolan&cd55=east&cd5=1263369283.1642892628&z=951040336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 59ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LLXBLNKGX6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF5BMK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1fcf0d6fc40b829bec1163f6412bf66cb68c4d0271bf565b4d6f062e0e24b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62919
x-xss-protection: 0
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 51ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: TJy96Khy8uo1kFGqbcyTNNf5yAuhTjpm9AxrzB8ur4sLevCWQLdV41IKzASEBsVc/EIfEZyO5LWs/eJTrlGMdQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3vorl6by2j Show response
www.clarity.ms/tag/ 588 B
965 B 274ms
137ms Script
application/x-javascript 2620:1ec:27::cafe:1994
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3vorl6by2j
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1994 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 567c6e2e74e980e2df06b761ea02bb137d3144fcef99e2e4dffbf5b6ae869143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
x-powered-by: ASP.NET
x-azure-ref: 0VI3sYQAAAACkbWYHjE0HRKGvimZacwLKSEVMMDFFREdFMjExMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 72ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87580067-2&cid=1263369283.1642892628&jid=1524965079&gjid=1097616445&_gid=958779505.1642892628&_u=IEBAAEIgAAAAAC~&z=1553289101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 22 Jan 2022 23:03:48 GMT
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 thisismichigan_bg.jpg
d4njeax0ev936.cloudfront.net/images/ 98 KB
98 KB 26ms
26ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/thisismichigan_bg.jpg

Requested by

Host: d4njeax0ev936.cloudfront.net
URL: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

aa83582e31ed490037d6f3a6bd274e110f78cb48c85dbd2013fe50d23636a69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7636859
x-cache: Hit from cloudfront
content-length: 100056
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Oct 2021 13:42:49 GMT
server: Microsoft-IIS/10.0
date: Tue, 26 Oct 2021 13:42:49 GMT
content-type: image/jpeg
cache-control: public
etag: W/"56885e6fcad71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 2kWn7Mx_85kdUh7LL8Ty611cm0F9R5sMaVrljbYCzQyyKG0J6ZRvjA==
expires: Mon, 24 Jan 2022 13:42:49 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.... Frame ACC5 484 B
846 B 79ms
42ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/

Requested by

Host: 5189721.fls.doubleclick.net
URL: https://5189721.fls.doubleclick.net/activityi;dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f626b01329882fe9c258c3e46c59cb180d5e547343defdd3f4731364e8e9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5189721.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-180696617-1&cid=1263369283.1642892628&jid=1456135649&gjid=218697006&_gid=958779505.1642892628&_u=aEDAAEIhAAAAAC~&z=1570074636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 22 Jan 2022 23:03:48 GMT
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F Show response
8277843.fls.doubleclick.net/ Frame DB61
Redirect Chain

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F?
https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=...

1 KB
759 B

33ms
33ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NFNZ5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

7d08c25981ebdc10e73bfec0322ca7b715b7a2f4a297aeb98017ece8d7269950

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 39ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NFNZ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: cafe
etag: 1633785920527017951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 activityi;register_conversion=1;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F
8277843.fls.doubleclick.net/ 0
0 45ms
15ms Image
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8277843.fls.doubleclick.net/activityi;register_conversion=1;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F?
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

500
Internal Server Error

sorry.ashx Show response
mgoblue.com/
Redirect Chain

https://mgoblue.com/services/socialize.ashx/users/me
https://mgoblue.com/sorry.ashx

720 B
1 KB

356ms
129ms

XHR
text/html

74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/sorry.ashx

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

HTTP/1.1

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

87289d0d29e68e66443fed5dfd1d30e4c5ee8f57a85de8bc7cefec10d6637580

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: private
X-Content-Type-Options: nosniff
Content-Length: 720
X-XSS-Protection: 1; mode=block

Redirect headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:47 GMT
Content-Type: text/html; charset=utf-8
Location: /sorry.ashx
Cache-Control: private
X-Content-Type-Options: nosniff
Content-Length: 128
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK assets.aspx Show response
mgoblue.com/services/ 16 KB
2 KB 260ms
132ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/assets.aspx?operation=sports&require=allaccess

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c0f24be81bbaf7e84022bff2d4dd70f9f23a59f83b2fdd0ebe30bced761dcb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Vary: Accept-Encoding
Content-Length: 1459
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK get Show response
mgoblue.com/services/allaccess.ashx/media/ 12 KB
2 KB 373ms
127ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/allaccess.ashx/media/get?type=Live&count=10

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d4d3116afa98f99999e54721f7b4f8f10f23339b56e7ca777759cf48740783f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=0;
Content-Encoding: br
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 1512
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Expires: -1

GET
H/1.1 200
OK search_instagram.aspx Show response
mgoblue.com/services/ 44 KB
6 KB 387ms
130ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/search_instagram.aspx?instagram_username=UMichAthletics&rpp=4

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

29141f19d64c6b9c968de137a7ecc20877ad0ca3952850e8d405250135a56f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 22 Jan 2022 23:03:48 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: *
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=4000
X-Content-Type-Options: nosniff
Content-Length: 5485
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Jan 2022 00:10:28 GMT

GET
H/1.1 200
OK search_twitter.aspx Show response
mgoblue.com/services/ 25 KB
4 KB 392ms
134ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/search_twitter.aspx?q=from%3AUMichAthletics&rpp=4

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3e3dfe7ddf926d5e0d8c898c2af58d92bc51c105bd666b69d463adb1f7bb92e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 22 Jan 2022 23:03:48 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: *
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=1800
X-Content-Type-Options: nosniff
Content-Length: 3251
X-XSS-Protection: 1; mode=block
Expires: Sat, 22 Jan 2022 23:33:48 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
mgoblue.com/services/ 6 KB
1 KB 391ms
132ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/adaptive_components.ashx?type=all-access&sport_id=0&count=6

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f71b824b2acfb708ccf0538f08db9cc43dbf6dac768e09cfd1063b884832a488

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 898
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK assets.aspx Show response
mgoblue.com/services/ 13 KB
2 KB 391ms
131ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/assets.aspx?operation=sports&require=realsport

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6734b3138d8c5a68a442a92236db8a7f9486c695ffc83c8e89ed4dd9961d2a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Vary: Accept-Encoding
Content-Length: 1226
X-Content-Type-Options: nosniff

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19201985-1&cid=1263369283.1642892628&jid=167688170&gjid=1555157826&_gid=958779505.1642892628&_u=aGDAiEIhBAAAAG~&z=540475115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 22 Jan 2022 23:03:48 GMT
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=87953647&t=pageview&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&ul=en-us&de=UTF-8&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEIhBAAAAC~&jid=167688170&gjid=1555157826&cid=1263369283.1642892628&tid=UA-19201985-1&_gid=958779505.1642892628&gtm=2wg1j0WGF5BMK&z=1410538585

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 15:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28706
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719 Show response
8277843.fls.doubleclick.net/ Frame ECC5
Redirect Chain

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?
https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?

1 KB
837 B

25ms
25ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

240d8b4f3639e407002a3872648de122cb4d32c5538bba0085c9111b65f563a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 814
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275 Show response
8277843.fls.doubleclick.net/ Frame 171B
Redirect Chain

https://8277843.fls.doubleclick.net/activityi;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275?
https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275?

395 B
350 B

22ms
21ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

b1a82062391e01e56dbc4ea0c8cc38048602d75ca0e0ca1e7cd68c225e3d681b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ 14 KB
4 KB 52ms
7ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 390
x-cache: MISS, HIT, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4049
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5173-BWI, cache-iad-kjyo7100173-IAD, cache-hhn4069-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1642892629.511073,VS0,VE0
etag: "00a81b4c48d78e470ca600b86689df178587abe3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1, 2

GET
H3 200 headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 4 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/headroom.min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 178659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1339
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-10dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZUWgIMvQzA860UP4LLx5ij2QEr3zU8M8y4i%2BcdYzhdh4MYDoe%2FGZMlZ3FgvIH4W%2F5Nzb77Tq179J6ZeDHmKQPXSKeMOxSjeXVaEUaEJ102oxT82DpdEyPd3JZv0%2FwXfqGD7AGTL7kOMckBqFT28Asio"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6af01e4b2b1e-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 42ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-180696617-1&cid=1263369283.1642892628&jid=1456135649&_u=aEDAAEIhAAAAAC~&z=599538150

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-180696617-1&cid=1263369283.1642892628&jid=1456135649&_u=aEDAAEIhAAAAAC~&z=599538150

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jQuery.headroom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/ 547 B
973 B 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/headroom/0.7.0/jQuery.headroom.min.js?bust=637765667896571572

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/require.js/2.2.0/require.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 881049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 279
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e76-223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLg7T4kRumsKnsknm50OYfMF1KnvUmoaYb%2BWD9CxL7vVcyrDjapaxi%2FewDLad5p%2Bp9U8nBpWDNu2TaN24WGUPbSyTgyZFKCWoHl8Zn6JWAEcHbdfoFzgAF6%2FrkOPeozUqKEXQoLpwxYKBWPrwHpSmpzM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d1c6af02e612b1e-FRA
expires: Thu, 12 Jan 2023 23:03:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 31ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19201985-1&cid=1263369283.1642892628&jid=167688170&_u=aGDAiEIhBAAAAG~&z=642382773

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 34ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19201985-1&cid=1263369283.1642892628&jid=167688170&_u=aGDAiEIhBAAAAG~&z=642382773

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H/1.1 200
OK analytics.js Show response
mgoblue.com/components/js/ 0
417 B 328ms
126ms XHR
application/javascript 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/components/js/analytics.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 20 Jan 2022 10:01:21 GMT
Server: Microsoft-IIS/10.0
ETag: "79e5eade4dd81:0"
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 1861382974088750 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 60ms
48ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1861382974088750?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f502ffb82e0c70eaef3a8d5e03b6a7e44604264ef37e4c23dba61b08c231b9d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ZaTFm9Ws3Zh7HtT0Wa0nqL3Zo6c3LJ6Dv1WL7E+MD7rvZOnGVQZu1jpHx7PrPCAI3oT6M/D13gbQdR9W5J7CoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945900876/ 2 KB
2 KB 50ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945900876/?random=1642892628516&cv=9&fst=1642892628516&num=1&label=k7mXCKiox6cBEMyahcMD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmgoblue.com%2F&tiba=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3973c02a4caf4fa1397ade84afcd6d65e12a2ddf89898788125bc6937d4097bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1136
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 40ms
16ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LLXBLNKGX6&gtm=2oe1j0&_p=87953647&sr=1600x1200&_gaz=1&ul=en-us&cid=1263369283.1642892628&ir=1&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sid=1642892628&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_eu=Q
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LLXBLNKGX6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 44ms
23ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LLXBLNKGX6&cid=1263369283.1642892628&gtm=2oe1j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LLXBLNKGX6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 34ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LLXBLNKGX6&cid=1263369283.1642892628&gtm=2oe1j0&aip=1&z=1314726763

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/ Show response
5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://m... Frame 2CD6
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://m...
https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=h...

424 B
346 B

20ms
19ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

d7f148e3819c863e2d22f35e8bf4cb9adcc6ed1e63c38845068b267c606e0565

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
expires: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jan 2022 23:03:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275
adservice.google.com/ddm/fls/z/ Frame 171B 42 B
63 B 60ms
45ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275

Requested by

Host: 8277843.fls.doubleclick.net
URL: https://8277843.fls.doubleclick.net/activityi;dc_pre=CKeZmfy7xvUCFTUfBgAd1r0LVg;src=8277843;type=counter;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=4252596835654.2275?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 19ms
19ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: gzip
age: 4664551
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 9662932
content-length: 84509
x-served-by: cache-hhn4069-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1642892629.567632,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame ECC5 70 B
261 B 103ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=5i12avh&ct=0:3wgowod&fmt=3
Requested by: Host: 8277843.fls.doubleclick.net
URL: https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame ECC5 70 B
260 B 104ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=d19qv26&ct=0:f3l28ni&fmt=3
Requested by: Host: 8277843.fls.doubleclick.net
URL: https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719
adservice.google.com/ddm/fls/z/ Frame ECC5 42 B
63 B 56ms
44ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719

Requested by

Host: 8277843.fls.doubleclick.net
URL: https://8277843.fls.doubleclick.net/activityi;dc_pre=CIOamfy7xvUCFU-s1QodvjUJnQ;src=8277843;type=count0;cat=sitev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=9094576706051.719?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=*;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F
adservice.google.com/ddm/fls/z/ Frame DB61 42 B
63 B 56ms
44ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=*;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F

Requested by

Host: 8277843.fls.doubleclick.net
URL: https://8277843.fls.doubleclick.net/activityi;dc_pre=CK-Vmfy7xvUCFZSD1QodkUoBFg;src=8277843;type=count0;cat=pagev0;ord=9079359458113;gtm=2wg1j0;auiddc=396860451.1642892628;u15=undefined;ps=1;~oref=https%3A%2F%2Fmgoblue.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame ECC5 99 KB
26 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: TJy96Khy8uo1kFGqbcyTNNf5yAuhTjpm9AxrzB8ur4sLevCWQLdV41IKzASEBsVc/EIfEZyO5LWs/eJTrlGMdQ==
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame DB61 99 KB
26 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: TJy96Khy8uo1kFGqbcyTNNf5yAuhTjpm9AxrzB8ur4sLevCWQLdV41IKzASEBsVc/EIfEZyO5LWs/eJTrlGMdQ==
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/945900876/ 42 B
64 B 38ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945900876/?random=1642892628516&cv=9&fst=1642892400000&num=1&label=k7mXCKiox6cBEMyahcMD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&frm=0&url=https%3A%2F%2Fmgoblue.com%2F&tiba=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMiTMG7rvmbr4Sgb--Ys4BK-vcxb3Fxnwnmy2C_E9vGw2SpBFt&random=2293366744&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/945900876/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945900876/?random=1642892628516&cv=9&fst=1642892400000&num=1&label=k7mXCKiox6cBEMyahcMD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&frm=0&url=https%3A%2F%2Fmgoblue.com%2F&tiba=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMiTMG7rvmbr4Sgb--Ys4BK-vcxb3Fxnwnmy2C_E9vGw2SpBFt&random=2293366744&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 561883908045644 Show response
connect.facebook.net/signals/config/ Frame ECC5 305 KB
87 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/561883908045644?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a136401e472d4ba03d4319a8f96f2086b7450a7a20f2581941adfb3491a746c2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: zdai9mIiUOFu40kMQrx5GdVPiawC7KOjaQveq+2Kld+2d5XuSxS7dexBoaFFt2kpdXapnXmraxgGf+/YWe3a6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 298193007389075 Show response
connect.facebook.net/signals/config/ Frame DB61 305 KB
87 KB 54ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298193007389075?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1846359941d53ccd089024b15b6b4872318fdf1d3c61bd8cd6ed2b52b27062c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 4DrdAXQ1TdPNCyS77V1nvuj5H0Q72qVf9gUJmeV9G5icAEERIgef6q/iTaO1xWUONMcgY0dB3lPSrkkz6K/1Ag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 315E 805 B
828 B 7ms
7ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish
age: 5697777
x-served-by: cache-hhn4069-HHN
x-cache: HIT
x-cache-hits: 2388564
x-timer: S1642892629.628474,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H3 200 298193007389075 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298193007389075?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1846359941d53ccd089024b15b6b4872318fdf1d3c61bd8cd6ed2b52b27062c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: +yA9G/Fx2p+A0OoSBBUdk5/7jYqIFfUcBNcB72ast8I3SA6bz57MzySO4UEm+XTwkcgN3hd17gj0R+gbRNdwCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 31ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1861382974088750&ev=PageView&dl=https%3A%2F%2Fmgoblue.com%2F&rl=&if=false&ts=1642892628637&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642892628636.32569364&it=1642892628512&coo=false&rqm=GET

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 so4l4yxm2.js Show response
cdn.krxd.net/controltag/ Frame 315E 14 KB
4 KB 11ms
11ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 391
x-cache: MISS, HIT, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4049
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5173-BWI, cache-iad-kjyo7100173-IAD, cache-hhn4069-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1642892629.650749,VS0,VE0
etag: "00a81b4c48d78e470ca600b86689df178587abe3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1, 3

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 315E 259 KB
83 KB 10ms
10ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/so4l4yxm2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: gzip
age: 4664551
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 9662933
content-length: 84509
x-served-by: cache-hhn4069-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1642892629.664208,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame ECC5 44 B
90 B 17ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=561883908045644&ev=PageView&dl=https%3A%2F%2F8277843.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIOamfy7xvUCFU-s1QodvjUJnQ%3Bsrc%3D8277843%3Btype%3Dcount0%3Bcat%3Dsitev0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D1%3Bnum%3D9094576706051.719%3F&rl=https%3A%2F%2Fmgoblue.com%2F&if=true&ts=1642892628674&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&it=1642892628600&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/get/ 243 B
307 B 75ms
34ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&callback=Krux.ns.mogointeractive.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0096abe5b817d6ea9eac518f16604bdee4632105b66d385c221966a121a5730c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642892629.732009,VS0,VE27
content-length: 195
x-cache-hits: 0, 0

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/set/ 308 B
491 B 74ms
33ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=0&sh=0&re=0&callback=Krux.ns.mogointeractive.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c84d25e67a3f74fc28368523c4cfd2d8ae074707a2f8fb0f2a0477bebcf2b84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish
x-timer: S1642892629.732096,VS0,VE26
x-served-by: consumer-a005-dub-prod.krxd.net, cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-encoding: gzip
content-length: 250
x-cache-hits: 0, 0

GET
H3 200 /
www.facebook.com/tr/ Frame DB61 44 B
88 B 12ms
11ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298193007389075&ev=PageView&dl=https%3A%2F%2F8277843.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-Vmfy7xvUCFZSD1QodkUoBFg%3Bsrc%3D8277843%3Btype%3Dcount0%3Bcat%3Dpagev0%3Bord%3D9079359458113%3Bgtm%3D2wg1j0%3Bauiddc%3D396860451.1642892628%3Bu15%3Dundefined%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fmgoblue.com%252F%3F&rl=https%3A%2F%2Fmgoblue.com%2F&if=true&ts=1642892628695&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&it=1642892628602&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2 200 57df5244-ab7b-416d-92b3-c6c352ac3360 Show response
consumer.krxd.net/consent/get/ Frame 315E 228 B
285 B 48ms
36ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/57df5244-ab7b-416d-92b3-c6c352ac3360?idt=device&dt=kxcookie&callback=Krux.ns.mogointeractive.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2cbd58ecb14bd568100ac218a2d7a51d0332dc1d554b975e0bc81e723bb8c09e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642892629.732150,VS0,VE28
content-length: 185
x-cache-hits: 0, 0

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.31/ 52 KB
23 KB 349ms
93ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3vorl6by2j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
content-encoding: br
etag: "1d80efbbe51fb00"
last-modified: Fri, 21 Jan 2022 19:19:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&RedC=c.clarity.ms&MXFR=26F91670034B6DB402270744074B63D9
https://c.clarity.ms/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&MUID=3F98EED6D980657E3452FFE2D8EB6420

42 B
368 B

32ms
32ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&MUID=3F98EED6D980657E3452FFE2D8EB6420
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8BB706E264241C98C6FA1D78BAC4B98 Ref B: FRAEDGE1416 Ref C: 2022-01-22T23:03:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=90E4361E083E4B68A80E37BB3C44B241&MUID=3F98EED6D980657E3452FFE2D8EB6420
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame 4E93 42 B
258 B 129ms
128ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628225&user_id=f268d166-1f70-4895-b8f1-414345f8f3d5&session_id=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&pv_id=&traits=&count=mgoblue_com.pageview%7Call.pageview&_=1642892628726
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.pageview%7Call.pageview&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628225
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.pageview%7Call.pageview&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:47 GMT
x-invalid-metric: mgoblue_com.pageview, all.pageview
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: 736b2c99-7c0b-4ae5-81a2-f147f684a4fa
content-length: 42
x-user-id: f268d166-1f70-4895-b8f1-414345f8f3d5
expires: -1

GET
H2 200 pixel.ashx
statcollector.sidearmsports.com/services/ Frame EC02 42 B
107 B 124ms
124ms Image
image/gif 174.143.40.29
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statcollector.sidearmsports.com/services/pixel.ashx?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628237&user_id=f268d166-1f70-4895-b8f1-414345f8f3d5&session_id=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&pv_id=&traits=&count=mgoblue_com.active%7Call.active&_=1642892628731
Requested by: Host: statcollector.sidearmsports.com
URL: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.active%7Call.active&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628237
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 174.143.40.29 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statcollector.sidearmsports.com/services/pixel.html?page_template=home&sport_name=0&sport_name_custom=0&site=umichigan&cbs_site_code=mich&content_id=null&sect=frontpage&sid=736b2c99-7c0b-4ae5-81a2-f147f684a4fa&uid=f268d166-1f70-4895-b8f1-414345f8f3d5&count=mgoblue_com.active%7Call.active&events=&traits=&r=mgoblue.com&server_name=1129023-LB15&path_and_query=%2F&_=1642892628237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:47 GMT
x-invalid-metric: mgoblue_com.active, all.active
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-pv-id
content-type: image/gif
cache-control: no-cache
x-session-id: 736b2c99-7c0b-4ae5-81a2-f147f684a4fa
content-length: 42
x-user-id: f268d166-1f70-4895-b8f1-414345f8f3d5
expires: -1

GET
H/1.1 200
OK 39812 Show response
stags.bluekai.com/site/ Frame 5011 71 B
758 B 223ms
162ms Document
text/html 104.92.72.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/39812?ret=html&limit=10&phint=pctx%3Dmich_home
Requested by: Host: 5189721.fls.doubleclick.net
URL: https://5189721.fls.doubleclick.net/ddm/fls/r/dc_pre=CPb4iPy7xvUCFTP41Qod3e8K-A;src=5189721;type=btnes0;cat=michi009;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6684940228397.571;~oref=https://mgoblue.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-72-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5189721.fls.doubleclick.net/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: d53d
Date: Sat, 22 Jan 2022 23:03:48 GMT
Connection: keep-alive

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298193007389075&ev=PageView&dl=https%3A%2F%2Fmgoblue.com%2F&rl=&if=false&ts=1642892628735&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642892628636.32569364&it=1642892628512&coo=false&rqm=GET

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:48 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 315E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T25pQ3JTTUs
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1

0
337 B

33ms
33ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1642892629
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 315E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T25pQ3JTTUs
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1

0
337 B

136ms
38ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1642892628
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEGKx8LXX_R7CNcpVreQ9O7c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 315E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OniCrSMK&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=OniCrSMK&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=a549e39d-c979-408d-a772-dbadf3aab451

0
338 B

104ms
37ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=a549e39d-c979-408d-a772-dbadf3aab451
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1642892628
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=a549e39d-c979-408d-a772-dbadf3aab451
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 315E 42 B
416 B 45ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OniCrSMK
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 315E
Redirect Chain

https://stags.bluekai.com/site/26357?id=OniCrSMK&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOniCrSMK%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OniCrSMK&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

36ms
36ms

Image
text/plain

52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OniCrSMK&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1642892629
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OniCrSMK&partner=bluekai&bk_uuid=$_BK_UUID
Date: Sat, 22 Jan 2022 23:03:48 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 p
sb.scorecardresearch.com/ Frame 315E 64 B
444 B 16ms
16ms Image
image/gif 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OniCrSMK&rn=1642892629
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: b9XIhXtP9__Mlw89M1i-8Oge17ajXBKlwN6m_bq1LaW5jFYoT3OfKA==

GET
H2

400

g.js
aa.agkn.com/adscores/ Frame 315E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OniCrSMK

22 B
22 B

106ms
20ms

Image
text/plain

35.177.23.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OniCrSMK
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 35.177.23.252 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-23-252.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
server: AAWebServer
content-type: text/plain
content-length: 22
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OniCrSMK
date: Sat, 22 Jan 2022 23:03:49 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET a.gif
kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame 315E 0
0

GET
H/1.0 200
OK image.sbxx
global.ib-ibi.com/ Frame 315E 0
72 B 365ms
87ms Image
text/plain 69.169.86.38
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=OniCrSMK
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.86.38 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

451

398696.gif
idsync.rlcdn.com/ Frame 315E
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&du=88&csync=OniCrSMK
https://idsync.rlcdn.com/398696.gif?partner_uid=2156166975331058319

0
44 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=2156166975331058319
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=2156166975331058319
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame 315E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adara
https://tag.yieldoptimizer.com/ps/ps?t=s&p=2818&uid=OniCrSMK
https://tag.yieldoptimizer.com/ps/ps?tc=787720556&t=s&p=2818&uid=OniCrSMK

162 B
162 B

24ms
15ms

Image
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=787720556&t=s&p=2818&uid=OniCrSMK
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=787720556&t=s&p=2818&uid=OniCrSMK
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dfp-component-template.html Show response
mgoblue.com/common/templates/dfp/ 2 KB
2 KB 135ms
134ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/common/templates/dfp/dfp-component-template.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

63cd626197ef47ca000709818f5cb43050d2f84bcfe65741a8eb6fd6b9468d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 20 Jan 2022 10:01:21 GMT
Server: Microsoft-IIS/10.0
ETag: "251455ade4dd81:0"
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 1551
X-Content-Type-Options: nosniff

GET
H2 200 272179945_344267637333601_8701502631793038131_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/ 204 KB
204 KB 422ms
130ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/272179945_344267637333601_8701502631793038131_n.jpg?_nc_cat=111&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=5zBaj4QITzAAX8-Ihj9&_nc_ht=scontent-dfw5-1.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT-3X3QA1YiKqFv-oGQiqhR6J9wpOuO0GRdd__wRieqXbA&oe=61F2531A
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f5ba66c1bcc27061a8e4914e220af1a4e2cf05cb3b5c0f33f08d2233905370ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 97366575
date: Sat, 22 Jan 2022 23:03:49 GMT
x-fb-trip-id: 1984883670
last-modified: Fri, 21 Jan 2022 18:46:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1404640876
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1404640876
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 208473

GET
H2 200 271980125_463620508733043_2093827962695691450_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/ 302 KB
302 KB 422ms
130ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/271980125_463620508733043_2093827962695691450_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=yi0wgGBen-AAX92zA7M&_nc_ht=scontent-dfw5-1.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT-IOgIEEMXWFVmbdAm_qm0QF7ql-x4A7qWkFdrmP_D8cw&oe=61F12CEC
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 648684dbfceac7d9de40a693935dcc9a18c4aa3192818db3b15691e7d51f7b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1638775568
date: Sat, 22 Jan 2022 23:03:49 GMT
x-fb-trip-id: 1984883670
last-modified: Wed, 19 Jan 2022 04:28:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2718972290
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2718972290
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 308989

GET
H2 200 272152750_465451578278513_7725576444062661355_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/ 233 KB
233 KB 421ms
129ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/272152750_465451578278513_7725576444062661355_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=B0c22ZMC__UAX9yciud&_nc_ht=scontent-dfw5-1.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT_a5ST2ixM6fQUizuYESynsCpPzBLY0c3HhNwgj08SMdQ&oe=61F08E5B
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2de75ead58e22826a392980d479a732dbc4775079e84b27d1a863628b80f2959

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1464505593
date: Sat, 22 Jan 2022 23:03:49 GMT
x-fb-trip-id: 1984883670
last-modified: Wed, 19 Jan 2022 00:00:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3636738532
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3636738532
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 238262

GET
H2 200 272014142_156865366681510_556758349347377039_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.2885-15/ 233 KB
233 KB 421ms
129ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.2885-15/272014142_156865366681510_556758349347377039_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=hodsSXBVf3gAX_UwYnv&_nc_ht=scontent-dfw5-1.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT9edf19edsvJtkD7l2q5PxKeFNLVkdhzvgFKbyW2eQ1Mg&oe=61F10BE7
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: adc9882785260ee36ac0fe93d5383b90facad41ca412192b1f583d18d7291fae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 2080785428
date: Sat, 22 Jan 2022 23:03:49 GMT
x-fb-trip-id: 1984883670
last-modified: Tue, 18 Jan 2022 14:57:15 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2635706400
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2635706400
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 238502

GET
H2 200 271955195_461305832352590_1196037524685486208_n.jpg
scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/ 232 KB
233 KB 422ms
130ms Image
image/jpeg 2a03:2880:f234:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-dfw5-1.cdninstagram.com/v/t51.29350-15/271955195_461305832352590_1196037524685486208_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=8ae9d6&_nc_ohc=Zzupnc82ePUAX-S3Ltu&_nc_ht=scontent-dfw5-1.cdninstagram.com&edm=AM6HXa8EAAAA&oh=00_AT9A93057irGJXHYt900EvJML0hVeBblEHU4Ld-NaHdq0Q&oe=61F2129C
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f234:c5:face:b00c:0:43fe Dallas, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fddd26abae0ec9aa87dba3abfbd50fa9b776864df87d015c938cf629b65419b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 3281250048
date: Sat, 22 Jan 2022 23:03:49 GMT
x-fb-trip-id: 1984883670
last-modified: Mon, 17 Jan 2022 19:12:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4219432741
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4219432741
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 238003

GET
H2 200 z0goiLWI_normal.png
pbs.twimg.com/profile_images/1310974620116287488/ 4 KB
5 KB 172ms
38ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1310974620116287488/z0goiLWI_normal.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CFA) /

Resource Hash

5f80d49e52e4dba3370aa6ee0486f63b9a559d1f205ce5d3416ef7155140ffc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
age: 179059
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 4163
x-response-time: 111
surrogate-key: profile_images profile_images/bucket/6 profile_images/1310974620116287488
last-modified: Tue, 29 Sep 2020 16:06:00 GMT
server: ECS (mil/6CFA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72c28512cf8e8e044334b2700ab56d8356cf263f6693178f91f8fc9f43d46bad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IHM21_Niagara_043_.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/6/ 242 KB
243 KB 20ms
18ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/6/IHM21_Niagara_043_.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

bfe05f6178a5a4184e4855bf0f549f92fd8cb468332612e9356770b4afb2e25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 65451
x-cache: Hit from cloudfront
content-length: 248084
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 04:48:48 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 04:52:57 GMT
content-type: image/jpeg
cache-control: public
etag: "d55d27584bfd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: n52ahTswqNcNnNeHOC0chy4kcktuEQYXxR8ar9v1mQlVxQpXKVNjgw==
expires: Fri, 22 Apr 2022 04:52:57 GMT

GET
H2 200 TNM21_MSU_117_.jpg
d4njeax0ev936.cloudfront.net/images/2021/9/26/ 329 KB
330 KB 31ms
30ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2021/9/26/TNM21_MSU_117_.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

8f78ef0010e91e8c8ce5b110bf224e3dc00efef79eef68008de26d225c34fc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68947
x-cache: Hit from cloudfront
content-length: 337384
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 03:54:41 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 03:54:41 GMT
content-type: image/jpeg
cache-control: public
etag: W/"b6b918c943fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 4ml8WeTa0RUUs3gFSgiMuo9_T0gfohiamwkiQMkQvaG1bTZLP5oP6Q==
expires: Fri, 22 Apr 2022 03:54:41 GMT

GET
H2 200 BKM20_SVSU_028_.jpg
d4njeax0ev936.cloudfront.net/images/2021/10/4/ 363 KB
364 KB 14ms
13ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2021/10/4/BKM20_SVSU_028_.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

383a2faf58bbdd421088ba0f94111b4a7d10145bd6234656f7f100fee5ca8e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 95529
x-cache: Hit from cloudfront
content-length: 371611
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Jan 2022 20:31:39 GMT
server: Microsoft-IIS/10.0
date: Fri, 21 Jan 2022 20:31:38 GMT
content-type: image/jpeg
cache-control: public
etag: W/"8f92d9e45fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: YFOrWIBzcfqrcru0m4WJj2xgCsV0CPlEzArRekBLdavnNV36Su1RRA==
expires: Thu, 21 Apr 2022 20:31:39 GMT

GET
H2 200 BKW22_Wisconsin_mgb_034_.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/20/ 318 KB
319 KB 43ms
42ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/20/BKW22_Wisconsin_mgb_034_.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

7190d00515b299c84c0f57a24888fe57827f621f31f47f1aeb991c53999de068

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 157516
x-cache: Hit from cloudfront
content-length: 326000
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Jan 2022 03:18:32 GMT
server: Microsoft-IIS/10.0
date: Fri, 21 Jan 2022 03:18:32 GMT
content-type: image/jpeg
cache-control: public
etag: W/"4517bd9175ed81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: l1albII_TP15YZKwgOPnCIR3IUR3_rrVyhh4lL3SbT5YzveFLY-WpQ==
expires: Thu, 21 Apr 2022 03:18:32 GMT

GET
H2 200 20220120_ihm_beniers_brisson.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/20/ 319 KB
319 KB 114ms
113ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/20/20220120_ihm_beniers_brisson.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

ba1d5f2c251a2842e6d25b5638886038fe1bee4071f4fec4329bfc4c3e2559b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 190836
x-cache: Hit from cloudfront
content-length: 326236
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jan 2022 17:59:41 GMT
server: Microsoft-IIS/10.0
date: Thu, 20 Jan 2022 18:03:12 GMT
content-type: image/jpeg
cache-control: public
etag: "24e0a67f27ed81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: -PZRywVEpE90hvSNsTltJUvX8MwmRNQ9oEKJy8gMap8GIDshfrTaoA==
expires: Wed, 20 Apr 2022 18:03:12 GMT

GET
H/1.1 200
OK play-full.png
s3.amazonaws.com/assets.sidearmsports.com/images/ 11 KB
12 KB 436ms
110ms Image
image/png 3.5.0.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.sidearmsports.com/images/play-full.png
Requested by: Host: d4njeax0ev936.cloudfront.net
URL: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.0.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16034c7daf9472652803c7e1a48e71cdccfc01078caccb16dde5ca960bc70345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d4njeax0ev936.cloudfront.net/site/site.less?_=637783800869491024
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 26 Sep 2016 20:44:02 GMT
Date: Sat, 22 Jan 2022 23:03:50 GMT
Last-Modified: Mon, 26 Sep 2016 20:44:26 GMT
Server: AmazonS3
x-amz-request-id: 3J44JMMEQAV42T31
ETag: "c8bb08a9d05af7adc638efa99b7361e6"
x-amz-version-id: SWusgjG9EK5OQ4e9K71v034R46XveZrm
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 11305
x-amz-id-2: z9HgjexMpMt0Zxz0v/lzdscFYYHTQs7gWfZ4glGWsj6ApcG1nv4oGumH79nZBm/osJSwscEuWMkITmeDLW5aDw==

GET
H2 200 cal_default_logo.png
d4njeax0ev936.cloudfront.net/images/ 2 KB
2 KB 97ms
96ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/cal_default_logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

8fd74b4608509df5f6986726803b420bbf637496b49452a35ce8309d3eac70b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5978201
x-cache: Hit from cloudfront
content-length: 1789
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 14 Nov 2021 18:27:07 GMT
server: Microsoft-IIS/10.0
date: Sun, 14 Nov 2021 18:27:06 GMT
content-type: image/png
cache-control: public
etag: W/"36b2be3a85d9d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: CCweX_I9D_McneHI5sZ0iWAeAvkl0Nh-IuJiK-dBzuSJFza8f-oKsw==
expires: Sat, 12 Feb 2022 18:27:06 GMT

GET
H2 200 cal_logo.png
d4njeax0ev936.cloudfront.net/images/ 2 KB
2 KB 96ms
96ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/cal_logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

7732b46065b08e159e891d25a65b084f99d189e57e28dca5ace7d7effcd144c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 456830
x-cache: Hit from cloudfront
content-length: 1713
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Jan 2022 16:09:58 GMT
server: Microsoft-IIS/8.5
date: Mon, 17 Jan 2022 16:09:57 GMT
content-type: image/png
cache-control: public
etag: W/"52e37cacbcbd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 08H1BOV17I9psHHeldGMNxAGaP1m09QJl7DKeqzDOpv4UkViFyc_rA==
expires: Sun, 17 Apr 2022 16:09:58 GMT

GET
H/1.1 200
OK countdown-logo.png
mgoblue.com/images/ 2 KB
2 KB 141ms
140ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblue.com/images/countdown-logo.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

28cf9b1f57a7f960354d637e62b45c9da1e0efc6d0e72e4bc0dd6a318f61b490

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 22 Jan 2022 07:06:07 GMT
Server: Microsoft-IIS/10.0
ETag: "c7cac875efd81:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 1793
X-Content-Type-Options: nosniff
Expires: Fri, 22 Apr 2022 23:03:48 GMT

GET
H/1.1 200
OK countdown-logo.png
mgoblue.com/images/ 1 KB
2 KB 142ms
141ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblue.com/images/countdown-logo.png?width=60

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3005391ffa513d59365354ca8d9c61cd367c13ce1384a9ee9e34570c8446e8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 22 Jan 2022 07:06:07 GMT
Server: Microsoft-IIS/10.0
ETag: "ed427875efd81:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 1235
X-Content-Type-Options: nosniff
Expires: Fri, 22 Apr 2022 23:03:48 GMT

GET
H/1.1 200
OK alert-component-template.html Show response
mgoblue.com/components/templates/ 1 KB
892 B 142ms
141ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/components/templates/alert-component-template.html?bust=637765667896571572

Requested by

Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/bundle.1623185959941.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

004e7c9081a21dd28b1c7897373a5f3a934a3bb231152b1a4b5edee1e6ec18fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 20 Jan 2022 10:01:22 GMT
Server: Microsoft-IIS/10.0
ETag: "5661a1ade4dd81:0"
Vary: Accept-Encoding
Content-Type: text/html
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=15552000
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 440
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK livestats.ashx Show response
mgoblue.com/services/ 12 B
402 B 135ms
134ms XHR
application/json 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/livestats.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
ETag: F24602A3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Date: Sat, 22 Jan 2022 23:03:48 GMT
Content-Length: 16
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK sportnames.ashx Show response
mgoblue.com/services/ 15 KB
2 KB 166ms
126ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/sportnames.ashx

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b448f609fca74b4602082c54ef2adcaeae6d944251c9f080687f1fdf392b26b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 1629
X-Content-Type-Options: nosniff

GET
H2 200 Virginia-Tech.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 22ms
19ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Virginia-Tech.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

10996a7c28302ece0e18c26dcaf4faad2461de27904c94b3c09514e3363ac11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1340567
x-cache: Hit from cloudfront
content-length: 1104
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Jan 2022 10:41:02 GMT
server: Microsoft-IIS/10.0
date: Fri, 07 Jan 2022 10:41:02 GMT
content-type: image/png
cache-control: public
etag: W/"dee0b11b33d81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: R-iWkWCES64xlBFUaGuCO97zugPrA-YIB-MW3xRjSjKXZVw2OOrYdw==
expires: Thu, 07 Apr 2022 10:41:02 GMT

GET
H2 200 Maryland_Terps.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 22ms
19ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Maryland_Terps.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

e7bf9d3390b3fd4855c4e32af5fb48cda80ee1139c8ccb84f867940c491a460b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4546422
x-cache: Hit from cloudfront
content-length: 1722
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Dec 2021 08:10:07 GMT
server: Microsoft-IIS/10.0
date: Wed, 01 Dec 2021 08:10:06 GMT
content-type: image/png
cache-control: public
etag: W/"45e7bda8ae6d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: wBZ6bDdWC6IqmpAOCsIn3qolIyRTGxNXTxrdi6dJXBeMwnbL4dIlbA==
expires: Tue, 01 Mar 2022 08:10:07 GMT

GET
H2 200 Wisconsin.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 25ms
21ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Wisconsin.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

c23635b51bd2c2e128204ad92fa444b2268c44df2c466576397025a0cfd1a272

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 771293
x-cache: Hit from cloudfront
content-length: 1501
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jan 2022 00:48:56 GMT
server: Microsoft-IIS/10.0
date: Fri, 14 Jan 2022 00:48:55 GMT
content-type: image/png
cache-control: public
etag: W/"6d507f82e08d81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: maGRL2EDHoJWejBVHJlwZsG-jN990TFsF4aNLfnH7chuYse_qBe-jg==
expires: Thu, 14 Apr 2022 00:48:56 GMT

GET
H2 200 cal_logo.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 22ms
19ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/cal_logo.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

9884a08de84597787a29c331c22cf5db84cc10d5a1efc5a838d06f4321b54eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4084774
x-cache: Hit from cloudfront
content-length: 1350
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 16:24:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 06 Dec 2021 16:24:15 GMT
content-type: image/png
cache-control: public
etag: W/"61f64ab6bdead71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: xH893siXFZjdqXlREZovHE_Adn_u8FVA0gBKrb9uXRl3ilT1cvZAGQ==
expires: Sun, 06 Mar 2022 16:24:15 GMT

GET
H2 200 Penn-State.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 23ms
20ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Penn-State.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

1e706ac5e0cfdd3695b21c85ec1dcef44c23cb09b210d7c64ca8ad038165a931

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3898358
x-cache: Hit from cloudfront
content-length: 1558
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Dec 2021 20:11:12 GMT
server: Microsoft-IIS/8.5
date: Wed, 08 Dec 2021 20:11:11 GMT
content-type: image/png
cache-control: public
etag: W/"669f7be6fecd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: aygjYnwQqaIEx1c_FACMuooeq9g--gTrOwevaBF7R-Nv10bPhkaIwA==
expires: Tue, 08 Mar 2022 20:11:11 GMT

GET
H2 200 Western_Michigan_Uni.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 24ms
21ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Western_Michigan_Uni.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

c21c3c17fb3be2449fb42012b3090615bb598df9b8c087bbc49d0c9b6dbb38a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7552323
x-cache: Hit from cloudfront
content-length: 1850
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 27 Oct 2021 13:03:23 GMT
server: Microsoft-IIS/8.5
date: Wed, 27 Oct 2021 13:11:46 GMT
content-type: image/png
cache-control: public
etag: "203b3e633cbd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: rOvTMOQPDWTBK07EObGmbKwDrbZdRKiGOEUJr0h41HgEEvJVD13AUg==
expires: Tue, 25 Jan 2022 13:11:46 GMT

GET
H2 200 Minnesota-200.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 24ms
21ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Minnesota-200.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

115b5c88a50cfa5e4c737bc10163345683aed9fcdbf6d1d5142e72ed6328c8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6749970
x-cache: Hit from cloudfront
content-length: 1389
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Nov 2021 19:58:55 GMT
server: Microsoft-IIS/10.0
date: Fri, 05 Nov 2021 20:04:18 GMT
content-type: image/png
cache-control: public
etag: "7bd771907fd2d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: B_cL3y2nSk62dOU_m9JQBFZDB9MQ-mQtpPE--Nbbd7699RqUhprsgw==
expires: Thu, 03 Feb 2022 20:04:19 GMT

GET
H2 200 Michigan_GoldM.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
1 KB 25ms
21ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Michigan_GoldM.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

6466866c6fb0971b7d55964fa8113b1e382b3ba6ed6194fe294e8f130cfc69d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5063872
x-cache: Hit from cloudfront
content-length: 1026
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Nov 2021 08:25:57 GMT
server: Microsoft-IIS/8.5
date: Thu, 25 Nov 2021 08:25:57 GMT
content-type: image/png
cache-control: public
etag: W/"2ae46112d6e1d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: vl5dpeU01AoKP4miPZO3cA2mX8ltlioF0k1lP35E5GoDdttCh7UFvw==
expires: Wed, 23 Feb 2022 08:25:57 GMT

GET
H2 200 UC-Irvine.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 24ms
20ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/UC-Irvine.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

af8df8bae976ced1a94f51bbe75770e3b7a377f942987cbfeea477d89d906f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1894780
x-cache: Hit from cloudfront
content-length: 1911
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 01 Jan 2022 00:44:09 GMT
server: Microsoft-IIS/10.0
date: Sat, 01 Jan 2022 00:44:09 GMT
content-type: image/png
cache-control: public
etag: W/"febc22b0a8fed71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 641SqvnbVGsVcqtorofM8cIynsAxBd1cOznLLtZzLNTZfJa36jBIJQ==
expires: Fri, 01 Apr 2022 00:44:09 GMT

GET
H2 200 GrizzHead_3c_special.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 25ms
21ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/GrizzHead_3c_special.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

77b721ad8bae520e7eb6ded24e95a9a6e0b9633ae8c1d72590608b50b156eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4074097
x-cache: Hit from cloudfront
content-length: 1988
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Dec 2021 19:22:12 GMT
server: Microsoft-IIS/10.0
date: Mon, 06 Dec 2021 19:22:12 GMT
content-type: image/png
cache-control: public
etag: W/"1d353d92d6ead71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: Nq3Y3z6Q2enhMBf-7huk-tMdINMtHhPoquSugbGzJvMGrnj8iKo5_w==
expires: Sun, 06 Mar 2022 19:22:12 GMT

GET
H2 200 Arizona-State.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 26ms
22ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Arizona-State.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

bd702a57ee5de4ad1ae8b7e68e704136e62f39a4767be29600f45ba5288a102e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5020172
x-cache: Hit from cloudfront
content-length: 1081
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Nov 2021 20:34:17 GMT
server: Microsoft-IIS/8.5
date: Thu, 25 Nov 2021 20:34:17 GMT
content-type: image/png
cache-control: public
etag: W/"3d3552d13be2d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: CPovPI07M5fWzc55Nzd-9PWYKhctqiKAN3RWJX5v5XJgWls6w38sjg==
expires: Wed, 23 Feb 2022 20:34:17 GMT

GET
H2 200 Indiana-University.png
d4njeax0ev936.cloudfront.net/images/logos/ 927 B
1 KB 25ms
22ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Indiana-University.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

d3f3a5af88b9bcf4dca1f1e33022f7b6877ba818596a19abf9eb39398850dab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6045810
x-cache: Hit from cloudfront
content-length: 927
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 Nov 2021 23:40:19 GMT
server: Microsoft-IIS/10.0
date: Sat, 13 Nov 2021 23:40:19 GMT
content-type: image/png
cache-control: public
etag: W/"76fd6ed1e7d8d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: Zw49l52WCashVSbiTZiINE_U4lHjo7YUkVS6l9sRZZYSmhDxgNJGaA==
expires: Fri, 11 Feb 2022 23:40:19 GMT

GET
H2 200 fresnostate_200x200.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 31ms
28ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/fresnostate_200x200.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

a9ff02627771b86d11eea4420042546a4a4d466f3cd498c064edf25f5fc1eafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 273959
x-cache: Hit from cloudfront
content-length: 1746
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 11:22:37 GMT
server: Microsoft-IIS/8.5
date: Wed, 19 Jan 2022 18:57:49 GMT
content-type: image/png
cache-control: public
etag: "d0a0e5dc26dd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: ObPFiLqA2xTBn0RKL0kprTOPxATP4PeyoGPl5RS7FHG2BYIFJu-BVA==
expires: Tue, 19 Apr 2022 18:57:50 GMT

GET
H2 200 Rutgers.png
d4njeax0ev936.cloudfront.net/images/logos/ 1 KB
2 KB 40ms
37ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Rutgers.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

6ce74ce52de36753dcc3c5a4fb03ad763f5d599580f705e35573fb4c97816694

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14162
x-cache: Hit from cloudfront
content-length: 1089
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 19:07:47 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 19:07:46 GMT
content-type: image/png
cache-control: public
etag: W/"aea9ed57c3fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: aWorJWVUt7Tho8ztxx1rzGXPx80hz0XPyfvWnYHzHs_P18fDukXaew==
expires: Fri, 22 Apr 2022 19:07:47 GMT

GET
H2 200 Purdue.png
d4njeax0ev936.cloudfront.net/images/logos/ 981 B
1 KB 30ms
27ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Purdue.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

615c6e81c3af813a5529172745f18e54ba1c770f2ff9905539791e935342ba49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1939196
x-cache: Hit from cloudfront
content-length: 981
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 31 Dec 2021 12:23:53 GMT
server: Microsoft-IIS/10.0
date: Fri, 31 Dec 2021 12:23:52 GMT
content-type: image/png
cache-control: public
etag: W/"ec6ceb4541fed71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: suV77DBekYclgeyB7dmkipI_5G8_OpDhVo5VeYWb-cQXJd8eU13aUA==
expires: Thu, 31 Mar 2022 12:23:52 GMT

GET
H2 200 Northwestern_university.png
d4njeax0ev936.cloudfront.net/images/logos/ 980 B
1 KB 30ms
27ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Northwestern_university.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

499e5313fd25c59b0153446b0c00700c61afb9429aaa3ee69a9aea44e8dde93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2274558
x-cache: Hit from cloudfront
content-length: 980
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Dec 2021 14:45:08 GMT
server: Microsoft-IIS/8.5
date: Mon, 27 Dec 2021 15:14:30 GMT
content-type: image/png
cache-control: public
etag: "2461d25730fbd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: M_8Fc11zXCgvEhMGEyPNIvW1oTfRi2qcnFUsZtU0PIkq4PLVLaQGYQ==
expires: Sun, 27 Mar 2022 15:14:31 GMT

GET
H2 200 ohio_state_logo.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
3 KB 31ms
28ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/ohio_state_logo.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

8456ccaf1046ea415ef69f94a85e26750ceb8501f1c7fbccaf374f044d50f6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7701928
x-cache: Hit from cloudfront
content-length: 2346
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Oct 2021 19:38:21 GMT
server: Microsoft-IIS/10.0
date: Mon, 25 Oct 2021 19:38:21 GMT
content-type: image/png
cache-control: public
etag: W/"e7970ded7c9d71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: cFmqUEF_2aTtV0qMivED6wJvvpBLqJYeS8aJtxCU_wQ_MkhWZhwvdQ==
expires: Sun, 23 Jan 2022 19:38:21 GMT

GET
H2 200 Kentucky.png
d4njeax0ev936.cloudfront.net/images/logos/ 2 KB
2 KB 30ms
28ms Image
image/png 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/logos/Kentucky.png?width=30

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/8.5 /

Resource Hash

d4a05b20cb48e3220c17a618c5532f73d1d2ea38e764698c4ca83d26878ff29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5615248
x-cache: Hit from cloudfront
content-length: 1578
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 18 Nov 2021 21:01:03 GMT
server: Microsoft-IIS/8.5
date: Thu, 18 Nov 2021 23:16:21 GMT
content-type: image/png
cache-control: public
etag: "81b68065bfdcd71:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: xK8pb5eFLbEE7PTk1hw56vzSzrQkEmVHAqRVkdaJW4j2b2qtuFw7pA==
expires: Wed, 16 Feb 2022 23:16:21 GMT

GET
H/1.1 200
OK stubhub.png
mgoblue.com/images/2021/4/27/ 3 KB
4 KB 131ms
131ms Image
image/png 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mgoblue.com/images/2021/4/27/stubhub.png

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4acb5a0fd1ae2acdedd2fe597fe108270b2e89adf70db5602c85931189086ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 22 Jan 2022 07:05:05 GMT
Server: Microsoft-IIS/10.0
ETag: "28942625efd81:0"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public
Date: Sat, 22 Jan 2022 23:03:48 GMT
Accept-Ranges: bytes
Content-Length: 3493
X-Content-Type-Options: nosniff
Expires: Fri, 22 Apr 2022 23:03:49 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
mgoblue.com/services/ 4 KB
1 KB 128ms
128ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=calendar-buy-tickets-html-ad-003d57

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b8a56b25112538a30ee01ef002eb22535e58c4cf5d5ce39b393a8e4d02602a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 818
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK adaptive_components.ashx Show response
mgoblue.com/services/ 427 B
554 B 129ms
129ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=scoreboard-cs-ad-3c4197

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

53516d40a458c72846fc1c1cd2bb73bac2977bdb5b46b78cffcce3585fa10005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 190
X-Content-Type-Options: nosniff

GET
H2 200 WRM22_PennSt_mgb_022_.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/21/ 158 KB
158 KB 43ms
41ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/21/WRM22_PennSt_mgb_022_.jpg?width=1128&height=635&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

3abe65aca4e7fab8ce4384cf9015828471b6dae7f7dd64da2915058d10d98d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68975
x-cache: Hit from cloudfront
content-length: 161544
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 03:54:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 03:54:13 GMT
content-type: image/jpeg
cache-control: public
etag: W/"4c648db843fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: GKtHlQk-ywOL0pup2d_afMxknp3WnvTI2C4EFXPAiNl6FBPAfqLp0w==
expires: Fri, 22 Apr 2022 03:54:13 GMT

GET
H2 200 20220121_ihm_samoskevich.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/22/ 121 KB
122 KB 14ms
12ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/22/20220121_ihm_samoskevich.jpg?width=1128&height=635&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

d03e8020c256a83acc9a4c583edda6499a9c1f2289791440b619f5d9bbb31cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 60373
x-cache: Hit from cloudfront
content-length: 123939
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 06:17:36 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 06:17:36 GMT
content-type: image/jpeg
cache-control: public
etag: W/"dfd42bc057fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: rsxA0chVWH4M4RX6t8woNu0k-IZdHwYB0Q1C_iwGU_fovdGSehAvvQ==
expires: Fri, 22 Apr 2022 06:17:36 GMT

GET
H2 200 20220121_tmn_cooksey.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/21/ 113 KB
113 KB 32ms
31ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/21/20220121_tmn_cooksey.jpg?width=1128&height=635&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

93d494cba44f479fc9fdbb030d16d1515c285e2a24e0cc4d633ab623c83ad4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68975
x-cache: Hit from cloudfront
content-length: 115379
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 03:54:14 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 03:54:13 GMT
content-type: image/jpeg
cache-control: public
etag: W/"de35acb843fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: JmjHLaMy6RUzLco3k53HNZ6OoKmoxeHuUDBGSAybSTaNivyACVUiBA==
expires: Fri, 22 Apr 2022 03:54:13 GMT

GET
H2 200 20210825_gen_conquring_heroes_logo_2021a.jpg
d4njeax0ev936.cloudfront.net/images/2021/8/25/ 82 KB
82 KB 24ms
23ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2021/8/25/20210825_gen_conquring_heroes_logo_2021a.jpg?width=1024&height=576&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

0282863567499b13755bd021a18a41c54349a86bda28263fab857752f6d4ac1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 193536
x-cache: Hit from cloudfront
content-length: 83719
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jan 2022 17:18:13 GMT
server: Microsoft-IIS/10.0
date: Thu, 20 Jan 2022 17:18:13 GMT
content-type: image/jpeg
cache-control: public
etag: W/"245ae3b421ed81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 8TWlEQ-6rKBqG8G8a7OT-UlgY7uXz15E2NvzRE38yqf9eX8Ei3U55A==
expires: Wed, 20 Apr 2022 17:18:13 GMT

GET
H2 200 20220122_tfm_recap_Amene.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/22/ 120 KB
120 KB 87ms
86ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/22/20220122_tfm_recap_Amene.jpg?width=1024&height=576&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

11127ee1f4f2f4d62823ba8e673d096b60113fa2b975a1d9921fbb0bc79616b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1243
x-cache: Hit from cloudfront
content-length: 122505
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 22:42:11 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 22:43:05 GMT
content-type: image/jpeg
cache-control: public
etag: "d264354be1fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: pMd5UGSyMMhL8S3FR3qPL27TNgzHE_xNen5HL5dXoKNKBB9ybJk64Q==
expires: Fri, 22 Apr 2022 22:43:06 GMT

GET
H2 200 20220122_tfw_recap_Holman.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/22/ 101 KB
102 KB 150ms
149ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/22/20220122_tfw_recap_Holman.jpg?width=1024&height=576&mode=crop

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

947771138c2b29a1bbccb3361d4fcfec1a607bd4f900b852e0d6d28e2962cc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-length: 103929
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 22:50:46 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 23:03:48 GMT
content-type: image/jpeg
cache-control: public
etag: "93a4227ee2fd81:0"
accept-ranges: bytes
x-amz-cf-id: yHndmvs5ni5gRFV2EsVM4VML7On0fW--7Mnv2LnF04XNQXlchQ56cg==
expires: Fri, 22 Apr 2022 23:03:49 GMT

GET
H2 200 TNW20_WolvInvite_113_1_.jpg
d4njeax0ev936.cloudfront.net/images/2022/1/22/ 321 KB
321 KB 47ms
47ms Image
image/jpeg 18.66.242.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d4njeax0ev936.cloudfront.net/images/2022/1/22/TNW20_WolvInvite_113_1_.jpg

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.242.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-242-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

e7e45fddaf2caddeb91ebbfd1159ea293d87f2671f56912dab7235aa18d0851a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=0;
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14219
x-cache: Hit from cloudfront
content-length: 328202
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Jan 2022 18:58:11 GMT
server: Microsoft-IIS/10.0
date: Sat, 22 Jan 2022 19:06:50 GMT
content-type: image/jpeg
cache-control: public
etag: "8b317c0c2fd81:0"
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 5ifJr8WzWiFSYd1CsAPNtEv8dryW8BPOvGlZSEiYfFUZY5Lq2vYlpw==
expires: Fri, 22 Apr 2022 19:06:50 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
mgoblue.com/services/ 255 B
549 B 129ms
129ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/adaptive_components.ashx?type=alerts&sport_id=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0814b863bf377a49d8ba9b2a3fa51d07aab47ee376e6de83b5a0655229ae9703

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 185
X-Content-Type-Options: nosniff

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 70ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: dbukjj6eu5tsf.cloudfront.net
URL: https://dbukjj6eu5tsf.cloudfront.net/assets.sidearmsports.com/responsive/js/main.1642517942691.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26997
x-xss-protection: 0
server: sffe
etag: "1110 / 790 of 1000 / last-modified: 1642808442"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H/1.1 200
OK adaptive_components.ashx Show response
mgoblue.com/services/ 427 B
554 B 129ms
128ms XHR
text/html 74.205.81.134
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://mgoblue.com/services/adaptive_components.ashx?type=ads&sport_id=0&name=videos-cs-ad-43b14e

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.205.81.134 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

53516d40a458c72846fc1c1cd2bb73bac2977bdb5b46b78cffcce3585fa10005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mgoblue.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0;
Content-Encoding: br
Referrer-Policy: no-referrer-when-downgrade
Server: Microsoft-IIS/10.0
Date: Sat, 22 Jan 2022 23:03:48 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: private
Content-Length: 190
X-Content-Type-Options: nosniff

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C3CF 0
15 B 30ms
11ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://mgoblue.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://mgoblue.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sat, 22 Jan 2022 23:03:49 GMT

GET
H2 200 Gatorade_150x50.jpg
dbukjj6eu5tsf.cloudfront.net/mgoblue.com/images/2017/6/27/ 3 KB
3 KB 20ms
20ms Image
image/jpeg 18.66.248.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbukjj6eu5tsf.cloudfront.net/mgoblue.com/images/2017/6/27/Gatorade_150x50.jpg
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b3c1c4cbf0cb5d36327d2db12736ba8eb4273804b999b60a71bbbcac2cfcbc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: O0LZOUeQ1DilTHzdbkRzecCa36pFsACK
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2017 13:50:26 GMT
server: AmazonS3
age: 53367
etag: "9d0a7825269fd006ff8d2f280bc0da95"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 22 Jan 2022 08:14:23 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 3063
x-amz-cf-id: Wbf-kQwEIAgQ_MIGGTIZRHY37_7G0OuVnqq3JaQTiFZohG0u0zR8Fw==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 75C2 0
15 B 24ms
19ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://mgoblue.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://mgoblue.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sat, 22 Jan 2022 23:03:49 GMT

GET
H2 200 sidearm_font_v2.woff2
fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/ 39 KB
39 KB 10ms
10ms Font
font/woff2 2600:9000:2057:e800:4:cc99:4000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.woff2?58914551
Requested by: Host: fonts.sidearmsports.com
URL: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e800:4:cc99:4000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7904b4c684b31d393b96a92275154b596b5263784fc3da9a2748757318c6a6fe

Request headers

Referer: https://fonts.sidearmsports.com/sidearm_v2/2021-08-16-883562/sidearm_font_v2.css
Origin: https://mgoblue.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 10:28:32 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 9203718
x-cache: Hit from cloudfront
content-length: 39801
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 20:52:08 GMT
server: AmazonS3
etag: "56bb58ff45823e6bc55e9d0f4ce85169"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: RffBaL6p54_p_h7ohF5-t_2Wdm2f45R2EZInnwgifajQE6S2edPq_Q==
expires: Wed, 16 Aug 2023 20:52:03 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
67 B 93ms
92ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://mgoblue.com
date: Sat, 22 Jan 2022 23:03:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 pubads_impl_2022011408.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 46ms
8ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 21:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120805
x-xss-protection: 0
last-modified: Sat, 15 Jan 2022 00:18:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 22 Jan 2023 21:18:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 97 B
722 B 52ms
15ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mgoblue.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

02966e3dc6fb36cec1a788790dacaec2f78643e8ea12dd5189550a33159b9cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mgoblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mgoblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 65ms
50ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1568162526289125&correlator=1823409342350433&output=ldjh&impl=fifs&eid=44755509&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220122&iu_parts=21708449227%2CMICH&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=pos%3Dtop&eri=1&cust_params=env%3Dprod%26firstpg%3D1%26ptype%3Dhome%26session%3Df%26subses%3D3%26sport%3D0%26vguid%3D93012ddd-54fa-4005-bf12-4ebcb302dafd%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dumichigan%26cbs_site_code%3Dmich%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&dt=1642892629552&lmt=1642892389&dlt=1642892627236&idt=2283&frm=20&biw=1600&bih=1200&oid=2&adxs=104&adys=723&adks=3860285207&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmgoblue.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1263369283.1642892628&ga_sid=1642892630&ga_hid=87953647&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

c69920b8106dbb53cb781c040b567b4649dbfa2c5428858e633c31580e1d6109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11745
x-xss-protection: 0
google-lineitem-id: 5770575245
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360578251
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA31 6 KB
4 KB 94ms
42ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 22 Jan 2022 23:03:49 GMT
expires: Sun, 22 Jan 2023 23:03:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 57ms
51ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1568162526289125&correlator=4420698915636769&output=ldjh&impl=fifs&eid=44755509&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220122&iu_parts=21708449227%2CMICH&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x66%7C970x90%7C728x90&prev_scp=pos%3Dbottom&eri=1&cust_params=env%3Dprod%26firstpg%3D1%26ptype%3Dhome%26session%3Df%26subses%3D3%26sport%3D0%26vguid%3D93012ddd-54fa-4005-bf12-4ebcb302dafd%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dumichigan%26cbs_site_code%3Dmich%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&dt=1642892629567&lmt=1642892389&dlt=1642892627236&idt=2283&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=2284&adks=389753080&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmgoblue.com%2F&vis=1&scr_x=0&scr_y=0&psz=1440x66&msz=970x-1&ga_vid=1263369283.1642892628&ga_sid=1642892630&ga_hid=87953647&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

800daa44ad61ff27786321d0ae2fac9087167a24df564c27a80641ade7d1e9e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12064
x-xss-protection: 0
google-lineitem-id: 5770575245
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360578656
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 50ms
48ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1568162526289125&correlator=4202219464659428&output=ldjh&impl=fifs&eid=44755509&vrg=2022011408&ptt=17&sc=1&sfv=1-0-38&ecs=20220122&iu_parts=21708449227%2CMICH&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x66&prev_scp=pos%3Dsticky&eri=1&cust_params=env%3Dprod%26firstpg%3D1%26ptype%3Dhome%26session%3Df%26subses%3D3%26sport%3D0%26vguid%3D93012ddd-54fa-4005-bf12-4ebcb302dafd%26page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dumichigan%26cbs_site_code%3Dmich%26sect%3Dfrontpage&cookie_enabled=1&bc=31&abxe=1&dt=1642892629572&lmt=1642892389&dlt=1642892627236&idt=2283&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1122&adks=1916067378&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmgoblue.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=970x-1&ga_vid=1263369283.1642892628&ga_sid=1642892630&ga_hid=87953647&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7be31bb64ef867a8cf9efb787c7b4611c8dcfef6c95107185a2d88eccf50ae0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12082
x-xss-protection: 0
google-lineitem-id: 5770575245
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360578257
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 441B 0
0 42ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfLYNKRZQGTEAQ_imWeD9M064Kn0HoYLBhvWX4LidSpUE98i-hOoZQgmA6vbin-myDYO_oqryn1UcrlBnATZ6aQ3crY8xzrlsK4FueIAanwIqziFxJEUoU5__YrUQoPAxhDiWvaC0ePxBcg5uc_oHo_mgvT_jC8UdVtoaF2Ny-RZLo89ksWMlH-eJhcwXnnkpqjQJsJBRsZBjiTkJ59vMafdIT4xWlypmSa4ldSUF__8SxzQegsYFvEFA67z965IFRttPtHvVjUcsQdv6Rjqa0FueqSp2siEgm43NqKvwK&sig=Cg0ArKJSzF_KPtqYh5WSEAE&uach_m=[UACH]&adurl=

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 441B 2 KB
2 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 22:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 22:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 441B 122 KB
37 KB 60ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 441B 0
0 15ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9-LbH_X__yKDZumOWAzqKRWl2DpN5yTPoDjTWp2kBhMQr8K3ROPtK7DlTrkdzafhCH4dV
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 11077064202136683614
tpc.googlesyndication.com/simgad/ Frame 441B 46 KB
46 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11077064202136683614

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1db8e16dee3454362799155b1ad1191b7a3786fbfae03e143328368cb67d0f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 17:41:53 GMT
x-content-type-options: nosniff
age: 278516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47031
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 16:15:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Jan 2023 17:41:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 01CE 0
0 43ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudMxOsRVSTNiR42qkf_qb_LPDPrcRO0FgIEAz-5dUNj4xZYQeTTK62YcMdV8nZEyeiA4Y01YzBlNlHUWam7P3MxW9EMYXWWn4V1PdnciBz5_eDCFoJk98pmdOZ4jgGsezKp3kTaTjmAazmnDP29o_DUbDU_jPOOZprWA2iX_MC-gLWfzfgsvZzEd6AgWdQgjvYKkkkSfkUXoWMcldltkvSisM5M6p4hvDTqGSdEfE19jRPCT8JupOtEQ8HeNmCgF0cFau8WGl4B0YMKVazMA8MLHblF_t_U6NV8QM-dZfG&sig=Cg0ArKJSzAGqKQLAIoCGEAE&uach_m=[UACH]&adurl=

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 01CE 2 KB
1 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 22:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 22:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01CE 122 KB
37 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 01CE 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXkoWAOv4-2SSEfMiDJlvDDiO-h_BaEwRfW0pqSXhXJ0guEhIJ5McS-d5uwdbzR-DA1toP
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 11290210093221454265
tpc.googlesyndication.com/simgad/ Frame 01CE 88 KB
89 KB 43ms
18ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11290210093221454265

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb7bf89fa597157b822a0ddfca9e97eff45f64e20fc6434547df434df7c91ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 19:18:41 GMT
x-content-type-options: nosniff
age: 272708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90570
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 16:15:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Jan 2023 19:18:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79B0 0
0 51ms
50ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1dknjqT2e0xJsJCCvjCYiaxJ9l7GHR3LwAECJXn43gyUB2XctKKhgWQQsr9D5vtqZzPcnlcHz5cl8-X__jqj8WLQleta2UzV7wDm5PYVeww2iIm6LSNfcBfVuuqiGWSjfRbRrzh6X7TUNwffEgtFOS7rlqCWkXa66qfkfhG2Bm3r2X62AU9fCIjxlEG6NWNJ1zl43V-mzCVhJpSmCIGaEHfr5wWgIDjQCRg5I8G6JSR-jKJ9CgdEgWc4HU6Mk5Cwsjkj85jtUpSWukKD7gNnjRw9IzxEVg8WhmeYzsOcB&sig=Cg0ArKJSzLOeqiQJqNJYEAE&uach_m=[UACH]&adurl=

Requested by

Host: mgoblue.com
URL: https://mgoblue.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 79B0 2 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 22:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 22:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79B0 122 KB
37 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 79B0 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAw6LMg1X0wmMHKdf6wcwncvZSyeQn83ZsEbbkubVV7lzk0F6m1sOiIMcWbduFHWLUFD--
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 367129088708586022
tpc.googlesyndication.com/simgad/ Frame 79B0 46 KB
46 KB 41ms
24ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/367129088708586022

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28316d8e97a31a4edc82d6b989531702093019b5fad1b4472958bfd0fe8318c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 20:52:15 GMT
x-content-type-options: nosniff
age: 439894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46793
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 16:15:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 17 Jan 2023 20:52:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 441B 0
0 58ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG7lJH4od1R4dhYx66sUinpHtkzJfz-wLMYyORCEAup8PrApQDiLpJtX51QEFmKZ41Q08mKViUeKTFdecW9CkHqrgz8mBW6T1nHrdLlGNYGH2on9wEWSer-9g-ROVhHpGw12cr2fcxjCce8jkblDe93JmhwSnYKKjb_jTX8pQ3mtTw9X4B3zSFg1xuBAy-D6MLkgv0c8jNLMLR2gEEDiCeYNV6PqwWOmvdEAvmdp8c95rjmzDIynljvYCn3TbqW8J_uCWF2IcUbkxw2yk3TF32rt_pr9BuqdndZUOGk3Q1pEM&sig=Cg0ArKJSzCtmZnzYYkagEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 441B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41006c8020842b8fe329ec7dda56d69fb6bb87eec1b391f0f822bb4d2edb8726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 01CE 0
0 43ms
43ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJP64Ac28L7kFRGNZWi2hTgecaDI_xf0RWrmX4sg0iDxmktl5iLPPw0G4zda4KIcm_Lh5mECz95N3eAQ2Bfp757gND4z-KIa4kvmp3HUjSyvXQEfZf0t-ZgA8T6KkkJMcTYO4rXatYMVfPTPzpO74a-dN0_qeMXN7kN33V7RrnKhw_9KgdsoXWtIyEAZDyleklAQ98DtQs0Jgw5Pba5DhCoaiHu8qPSTCfS8vCIUaZeGyZJEYxtUjxkeFowMsJt7SLVCHoW3CXvC3MV9FjAyyQYByBhHKGMORzOmo0WFeON1M&sig=Cg0ArKJSzBh0coH7TVohEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 01CE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 178d3f3bf087dec9441ffad02afcd36737ddca2653a981d8d64e66db70d10119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79B0 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzFta7U1MsNTi-83iUbuYDHNywLXEsqKEcgZnNGely-DcBfwQcHr8vxHcTNP-Apf060coAyZ_8z7OuC8-srTujnhL5j3E-9L6S8YJ6QvQ1bV6bv_z7wzAaIw4itgPIfpEBEUG360vgQjgJ5mfiX-N8WWnWIu4q3PmF7dFFWM4pbYuyoU8qFeS4LtKjKZJS6qvD5X1G-l37ktZjtCU6JjZnW-yUN0-bQPdFqNpGwMaB5LZWyxSmbiOSAgmNjG1ab9NMoTHtrLOKB5i8s-apOyDdAp1OY-QYBmLIwViTJP58G-k&sig=Cg0ArKJSzLyQkXQ9XLjzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 79B0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6c602583eafa010722cfd465fc04289e2aa559442e7ad82c57f08f99493ff4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 optout_check Show response
beacon.krxd.net/ 88 B
247 B 31ms
31ms Script
text/javascript 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.mogointeractive.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5976854ac6b658e0f25c447470e8dc0c542b9bd3681c3ffd83095025f1202ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=80 t=1642892629
x-served-by: beacon-n015-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 367 B
509 B 106ms
106ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=57df5244-ab7b-416d-92b3-c6c352ac3360&technographics=1&callback=Krux.ns.mogointeractive.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58056b761da2c1aba5886ffe75f4148453ae2587929ec131d33dbbd3ee41d257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sat, 22 Jan 2022 23:03:50 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a009-ash-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642892630.986127,VS0,VE98
content-length: 281
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 53ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9c404134899360da61bc9edc6312a9062f6fc47bbf15d14b8209d76e140c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 Jan 2022 23:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9097
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF5BMK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8af58297d91b1275b4a0530b55d8614897e8c400b0db7c08916f36cdc2548ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62517
x-xss-protection: 0
expires: Sat, 22 Jan 2022 23:03:49 GMT

GET
H/1.1 200
OK landing_gtm.js Show response
fan-gtm-dev.s3-us-west-2.amazonaws.com/ 968 B
1 KB 680ms
174ms Script
application/javascript 52.218.208.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-gtm-dev.s3-us-west-2.amazonaws.com/landing_gtm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF5BMK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.208.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23a3cafd9b4f68274b63b50b35dbe4feca86e77a41423b0c045b5bc46643d26a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 23:03:51 GMT
Last-Modified: Wed, 10 Jun 2020 17:44:22 GMT
Server: AmazonS3
x-amz-request-id: 15NGP4TF3DBQ4D92
ETag: "fb96983415efc8ab8284f78a663485e7"
Content-Type: application/javascript
x-amz-version-id: 10m7hfx4N10mGvbVkNOxWP_Ze_n4N5xm
Accept-Ranges: bytes
Content-Length: 968
x-amz-id-2: 5TiLWVxGitpMCxTc2WwBpxeUdEQY/yFGvyNi9yOS3T1J44KbzuMp6VJvPSouC023yjBQJ0exgj8=

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 382ms
196ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://mgoblue.com
date: Sat, 22 Jan 2022 23:03:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011408.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jan 2022 23:03:50 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 46 KB
15 KB 59ms
8ms Script
text/javascript 2600:9000:206f:7200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: mgoblue.com
URL: https://mgoblue.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: TrxFtQaM8s37m_Nm4h1GkMAOXYF47jUQ
Content-Encoding: gzip
Etag: W/"b8caabe626e64605e61edd5174246bf4"
Age: 793
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Last-Modified: Fri, 14 Jan 2022 00:11:04 GMT
Server: AmazonS3
Date: Sat, 22 Jan 2022 22:50:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xPGf5z15Z-y_gXk9A_-gp_5egunhfX7K4xvX4jAvbcZBdsjnmMXO8A==

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Y29PC3P5S9&gtm=2oe1j0&_p=87953647&sr=1600x1200&_gaz=1&ul=en-us&cid=1263369283.1642892628&_s=1&dl=https%3A%2F%2Fmgoblue.com%2F&dt=University%20of%20Michigan%20Athletics%20-%20Official%20Athletics%20Website&sid=1642892629&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.division=DI&ep.conference=Big%20Ten&ep.ss_client_id=1344&ep.school_name=University%20of%20Michigan
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y29PC3P5S9&cid=1263369283.1642892628&gtm=2oe1j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y29PC3P5S9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y29PC3P5S9&cid=1263369283.1642892628&gtm=2oe1j0&aip=1&z=25415598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HLZE36KS75DE7K4FCCRIGK/index.js
https://s.adroll.com/j/exp/index.js

28 B
763 B

8ms
8ms

Script
application/javascript

2600:9000:206f:7200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:206f:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 148777
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Sat, 22 Jan 2022 05:06:30 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8jfN0whtJ-JwmFGv3JsxdmDShikSsvNBvBDSwcs4XDbAIxMWSceX2Q==

Redirect headers

Date: Sat, 22 Jan 2022 13:06:35 GMT
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Age: 35834
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jp7TAWIkGj3QEaOXnlY8kj2JEyhR3rO_QuVIOn9OjkZnBgZrBFCcpw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

9ms
8ms

Script
application/javascript

2600:9000:206f:7200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:206f:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 58616
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sat, 22 Jan 2022 06:46:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: j5cO7yCZCR0TD28bFD__YBTZHoCwi77RNOg2KWP1YFtCZhBfTfYCsQ==

Redirect headers

Date: Sat, 22 Jan 2022 05:44:57 GMT
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Age: 62332
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 7FT7GOJYEhsELY7IoUMqYNbxB8a-a-YRHv9Z-3F0AVTISF6_Jp0OCA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/ 0
786 B 24ms
9ms Script
text/javascript 2600:9000:206f:7200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: qGIvrtObO7zhFceqKCdyfqY7bdDfvNHx
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2412
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 18 Jan 2022 05:23:16 GMT
Server: AmazonS3
Date: Sat, 22 Jan 2022 22:23:39 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: KveGdRok4BxCY7dcflxt-tgBtgumv7fOuhagBtc7MNMbLBNV8fcRHg==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01E6 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Jan 2022 21:26:20 GMT
expires: Sun, 22 Jan 2023 21:26:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 5850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97F3 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b6f23c3914828ea724fb1ac5397d2040260e2605ae67f95186bb5981b2a8713

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-As08//xFKFpqOkK0P4d5jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 22 Jan 2022 23:03:50 GMT
date: Sat, 22 Jan 2022 23:03:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-As08//xFKFpqOkK0P4d5jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js Show response
pagead2.googlesyndication.com/bg/ Frame 01E6 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 00:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Jan 2023 00:04:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97F3 0
0 43ms
42ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011408&jk=1568162526289125&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 HLZE36KS75DE7K4FCCRIGK Show response
d.adroll.com/consent/check/ 395 B
863 B 133ms
31ms Script
application/javascript 54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HLZE36KS75DE7K4FCCRIGK?arrfrr=https%3A%2F%2Fmgoblue.com%2F&_s=120e210269a09491e283712e74ee0c96&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 878434bb9b99d89d1a1766aabc20f003af2846d9cc9b7c5595cac80615964b6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 395
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 30ms
30ms Image
text/plain 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=so4l4yxm2&_kpid=57df5244-ab7b-416d-92b3-c6c352ac3360&_kcp_s=Sidearm&_kcp_d=mgoblue.com&_knifr=13&_kua_kx_tz=0&geo_country=de&geo_region=by&geo_dma=276005&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=by&_kua_kx_geo_dma=276005&_kua_kx_whistle=0&_kpa_domain=mgoblue.com&_kpa_sidearm_page_template=home&_kpa_sidearm_sport_name=0&_kpa_sidearm_sport_name_custom=0&_kpa_sidearm_site=umichigan&_kpa_sidearm_cbs_site_code=mich&_kpa_sidearm_sect=frontpage&t_navigation_type=0&t_dns=0&t_tcp=377&t_http_request=-1&t_http_response=134&t_content_ready=2029&t_window_load=3536&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w2oc5hzmk&_kurl_=https%3A%2F%2Fmgoblue.com&userdata_user=OniCrSMK%2Cw2oc5hzmk&sview=1&kplt0=34590&kplt1=34589&kplt2=34663&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F57df5244-ab7b-416d-92b3-c6c352ac3360%2C78%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2F57df5244-ab7b-416d-92b3-c6c352ac3360%2C75%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C82%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=73 t=1642892630
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 /
www.facebook.com/tr/ Frame ECC5 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=561883908045644&ev=Microdata&dl=https%3A%2F%2F8277843.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIOamfy7xvUCFU-s1QodvjUJnQ%3Bsrc%3D8277843%3Btype%3Dcount0%3Bcat%3Dsitev0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D1%3Bnum%3D9094576706051.719%3F&rl=https%3A%2F%2Fmgoblue.com%2F&if=true&ts=1642892630247&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&it=1642892628600&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:50 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame DB61 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298193007389075&ev=Microdata&dl=https%3A%2F%2F8277843.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK-Vmfy7xvUCFZSD1QodkUoBFg%3Bsrc%3D8277843%3Btype%3Dcount0%3Bcat%3Dpagev0%3Bord%3D9079359458113%3Bgtm%3D2wg1j0%3Bauiddc%3D396860451.1642892628%3Bu15%3Dundefined%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fmgoblue.com%252F%3F&rl=https%3A%2F%2Fmgoblue.com%2F&if=true&ts=1642892630250&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&it=1642892628602&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8277843.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 01E6 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WlUy8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011408&jk=1568162526289125&bg=!gYKlgsbNAAZ_DxPPfw87ACkAdvg8WuyQoWkQYsXPpmTrXMGChUlkSVuw6F9D_fQGEkDUuTFRnQFI8QIAAABuUgAAAANoAQeZAtfNVCrx7LkkmyGSck2Bxx8zNKqzThAK3Pb24edHuFh5l1jRCmcl2ZtC9tPoiul9pVOUVNluuJN8dM1UHUH4n3MR2ZUSi91O8NLeFoogOXepOkCU-u_SCYxAxJkVDUmw8ow-cM209so4Zjlgp0hfGlHOnG6Lc1YG0iQjZKjPRjea1BUSHbZsGPNgTug_vNRwfPc0wpmpRsmPYUa-__Tc5ylgppu56fxyQf5VS6CmAZtLPY9vGVDpcvQTe-eejcPBKrSdA2Y3LVp1zTxwrLknOZ3e3gfo9kTn-79AjsWYFrMzToPnHdfo8qOjgot-p1iRKXVFr3mx27Bpm_RwFiNK47AXml4Wq34L77xEoXxaW8RvWUzSKJoMbNkuZD_X-2UjP9slPMY8nGko7aMluUMgu4NNUdA-TCveYNdt7uhbKPmIdaClEiHubtEUUtKEY9rGXseEHiFOGcjIpHtuKsr6R5PGaY-OERTc727CQg6B_H-wWK3hpSRta_ejX0aZpl9lNvaU8RNXfMKr8QhVNdiAdfzsThzwkzEWUWFg1fiDB4pbDRNsoZTo1g32JoZpxGclh5TuHbFMFlPLJJbJ4UQGbamtw58Al0auGmYpu2bZbwS3VXw_SP6ByHY7JSBZspPCL_O-p5No2NKNjr8WsbWcffh2BlzCoTJPmDPn-fwEfpUWfgIbGdwmzwP9XPJtgE4M60Q5yGhkWLX7igm2tgK4h2J9sQcqXKBfWDf09glgys4NKP0LZ4xAAPG0BjTe8SBmJgNalQToDwG13Zxgnau-y2QiZ9yUdSMNcZy9Aftp_x9LrZ9wsZ2MXQfj0FkUHZhvzV8QvYr921BPZFX1SVGQ2_nu4ubX-R6_hjnw2mHSUmXYSJalzg_fZ0i_FM2BOKh7HGirPnHNTj6hA2iy0dCOdsrtKfxwH9ev61ktmYah40YUxl9mfOLxlpOTziZdRQ7_VwqS-CSVc6td

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

VVHZAYZ36JEKLOAZEQPQVH.js Show response
s.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/
Redirect Chain

https://d.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&pv=92024034436.64215&cookie=&a...
https://s.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/VVHZAYZ36JEKLOAZEQPQVH.js

4 KB
2 KB

590ms
590ms

Script
text/javascript

2600:9000:206f:7200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/VVHZAYZ36JEKLOAZEQPQVH.js
Protocol: HTTP/1.1
Server: 2600:9000:206f:7200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67f763ddc055717d42a772e7c100c43d54e5d7026596b03c06055471669a074c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: .JFx1rEuKg1NC.cvgknOVFoOdjzpquLE
Content-Encoding: gzip
Etag: W/"e6e98cf1e7a62998fede14e4d1ede93d"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 14 Jul 2021 10:47:17 GMT
Server: AmazonS3
Date: Sat, 22 Jan 2022 23:03:51 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ayYZUiy5bjn24e6vN2Ak3Cy7asBEXFuros7ze9vYHTn7TBPa_-IXKA==

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
date: Sat, 22 Jan 2022 23:03:50 GMT
x-segment-eid: VVHZAYZ36JEKLOAZEQPQVH
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/HLZE36KS75DE7K4FCCRIGK/KF56POYC6FEVFJF3X6KW55/VVHZAYZ36JEKLOAZEQPQVH.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: KF56POYC6FEVFJF3X6KW55
x-segment-name: *
x-advertisable-eid: HLZE36KS75DE7K4FCCRIGK
content-length: 0
x-conversion-currency

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 0
356 B 42ms
41ms XHR
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=%2F21708449227%2FMICH%2Fout_of_page_default1&ists=1&sz=1x1&cookie=ID%3D60d6010a0e45b621%3AT%3D1642892629%3AS%3DALNI_MbaEP0UhCbnSn5ADc-9CzHKvO0l_Q&t=page_template%3Dhome%26sport_name%3D0%26sport_name_custom%3D0%26site%3Dumichigan%26cbs_site_code%3Dmich%26content_id%3Dnull%26sect%3Dfrontpage&c=1642892630508

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:50 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://mgoblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 441B 42 B
64 B 56ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrrN03_Vds3HyySUHynOP9fzCnQlkkbbPSv02rA_wFf_FQVCnNHd4g0X3BPmZY6kH2ILT8KyNQCqyNMUsQGKP9ZYovWtymRJ9nPGYP19oVIROROuWI&sig=Cg0ArKJSzPleiyc3x4-yEAE&id=lidar2&mcvt=1000&p=1122,315,1188,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1916067378&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642892629643&rpt=117&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 01CE 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsum2mraVPKRPWBQNMgsi2GiaxpPgTVotlTnbjwYEnVUBoAb0XJpvQzW6JLOnbJ5O4XvIJW4GZVyt_qbfSxNzAmR42paSIWhCPTGgYjzDzY80bf1Mcgs&sig=Cg0ArKJSzGf_8P1RpvgcEAE&id=lidar2&mcvt=1000&p=723,104,1323,404&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220119&bin=7&avms=nio&bs=1600,1200&mc=0.8&app=0&itpl=3&adk=3860285207&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642892629654&rpt=130&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 312481358936152 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 47ms
47ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312481358936152?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86ddb8270bc11a25af98cfc5e7ff4596224d0145f32127494cc7844f4e51ce1c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: jzNKa1SgasI5yVBvHlwHzDzw+F3Y+9bwz3VKdU2RiBtp3RIDxv0eCztl3gGFfQEVJ9VkswxvhOQTtEjrpXfhog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 22 Jan 2022 23:03:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631&C=1

43 B
1 KB

18ms
17ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jan 2022 23:03:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 22 Jan 2022 23:03:51 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Jan 2022 23:03:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expiration=1674428631&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Sat, 22 Jan 2022 23:03:51 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expires=365

0
239 B

100ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&expires=365
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
124 B

10ms
10ms

Image
text/plain

35.156.69.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Protocol

Server

35.156.69.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-69-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Sat, 22 Jan 2022 23:03:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

0
477 B

458ms
95ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
Protocol: HTTP/1.1
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 23:03:51 GMT
Cache-Control: no-cache
X-TraceId: 6e411a986c98565321914a31d9031a0e
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAk...

1 B
548 B

85ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 19:14:59 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:400
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 219
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

0
222 B

94ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14224

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://eb2.3lift.com/xuid?mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

10ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
446 B

93ms
24ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

43 B
495 B

9ms
9ms

Image
image/gif

18.184.217.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
Protocol: HTTP/1.1
Server: 18.184.217.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-217-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 23:03:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
Date: Sat, 22 Jan 2022 23:03:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://ib.adnxs.com/setuid?entity=172&code=MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

43 B
1 KB

7ms
6ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jan 2022 23:03:51 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8c3d08eb-b6c3-4ec1-8307-25fea25c0787
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 22 Jan 2022 23:03:51 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 365e4a90-ce70-45b4-9d6e-2a1379c7921c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 63ms
62ms Image
image/gif 54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK
https://us-u.openx.net/w/1.0/sd?id=537103138&val=2015a1657a7ed8690ac03387ea57a0c7

43 B
274 B

69ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=2015a1657a7ed8690ac03387ea57a0c7
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=2015a1657a7ed8690ac03387ea57a0c7
pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 87
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=f647c5ccbb4218e843664397792ee7d8-1642892630373&arrfrr=https%3A%2F%2Fmgoblue.com%2F&advertisable=HLZE36KS75DE7K4FCCRIGK&google_nid=adroll2
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IBWhZXp-2GkKwDOH6legxw
https://d.adroll.com/cm/g/in

42 B
535 B

33ms
31ms

Image
image/gif

54.228.17.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-17-128.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 22 Jan 2022 23:03:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312481358936152&ev=PageView&dl=https%3A%2F%2Fmgoblue.com%2F&rl=&if=false&ts=1642892631080&cd[segment_eid]=VVHZAYZ36JEKLOAZEQPQVH&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=29&fbp=fb.1.1642892628636.32569364&it=1642892628512&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mgoblue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 23:03:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 22 Jan 2022 23:03:51 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://mgoblue.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://mgoblue.com
date: Sat, 22 Jan 2022 23:03:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kr.ixiaa.com
URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mgoblue.com/common/templates/dfp	1969-12-31 23:59:59	Name: f5_cspm Value: 1234
.scorecardresearch.com/	1970-01-20 17:38:20	Name: UID Value: 1CAMXH2U4IGHTFFONJPRFSg1642892628
.mgoblue.com/	1970-01-20 00:22:59	Name: _gid Value: GA1.2.958779505.1642892628
.mgoblue.com/	1970-01-20 00:21:32	Name: _gat_tracker0 Value: 1
.mgoblue.com/	1970-01-20 00:21:32	Name: _gat_UA-180696617-1 Value: 1
.mgoblue.com/	1970-01-20 00:21:32	Name: _gat_UA-180624321-2 Value: 1
.mgoblue.com/	1970-01-20 02:31:08	Name: _gcl_au Value: 1.1.396860451.1642892628
.mgoblue.com/	1970-01-20 00:21:32	Name: _dc_gtm_UA-19201985-1 Value: 1
.doubleclick.net/	1970-01-20 09:43:08	Name: IDE Value: AHWqTUmTKJV6ipJkrmIzA3BBhdrxm8Gsk7MvJnqMJ19QCozFkqB5gsMait4xr8Fh
.mgoblue.com/	1970-01-20 17:52:44	Name: _ga_LLXBLNKGX6 Value: GS1.1.1642892628.1.0.1642892628.60
.mgoblue.com/	1970-01-20 17:52:44	Name: _ga Value: GA1.1.1263369283.1642892628
.mgoblue.com/	1970-01-20 02:31:08	Name: _fbp Value: fb.1.1642892628636.32569364
.facebook.com/	1970-01-20 02:31:08	Name: fr Value: 06talWwYKoC49wHKR..Bh7I1U...1.0.Bh7I1U.
www.clarity.ms/	1970-01-20 09:07:08	Name: CLID Value: 8ff821c3f3894a41b8a23eb864d532d7.20220122.20230122
.krxd.net/	1970-01-20 04:40:44	Name: _kuid_ Value: OniCrSMK
.adsrvr.org/	1970-01-20 09:07:08	Name: TDID Value: a549e39d-c979-408d-a772-dbadf3aab451
.rlcdn.com/	1970-01-20 09:07:08	Name: rlas3 Value: vry7lct2Ckh1Y4E9idulqyWbWY6GFvNPym0e2HWHHNk=
.rlcdn.com/	1970-01-20 01:47:56	Name: pxrc Value: CAA=
.adsrvr.org/	1970-01-20 09:07:08	Name: TDCPM Value: CAESEwoEa3J1eBILCJC3x7evga86EAUYBSABKAIyCwjqy4nkxYGvOhAFOAE.
.c.bing.com/	1970-01-20 09:43:08	Name: SRM_B Value: 3F98EED6D980657E3452FFE2D8EB6420
.bluekai.com/	1970-01-20 04:40:44	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 04:40:44	Name: bkpa Value: KJpEnXTLu5Dl+gxyBn/FuithpuMJpPcn0zpBnnWNBa9g01M1vfW+uYboDePt0zN1pGMw012BOxevRO/W
.bluekai.com/	1970-01-20 04:40:44	Name: bku Value: CJL99auBfsaTqDTZ
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:43:08	Name: MUID Value: 3F98EED6D980657E3452FFE2D8EB6420
.c.clarity.ms/	1970-01-20 00:21:33	Name: ANONCHK Value: 0
.mgoblue.com/	1970-01-20 09:07:08	Name: _clck Value: 1lrxuf5\|1\|eyc\|0
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: cktst Value: 787720556
.agkn.com/	1970-01-20 09:07:08	Name: ab Value: 0001%3AN2HfNdzhO0aAtHkUbRDW9%2BcBa0PaODUK
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: ckid Value: 3015489640108
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: dph Value: %7B%22t%22%3A%5B114479%5D%2C%22dp%22%3A%5B2818%5D%7D
.yieldoptimizer.com/	1970-01-20 09:43:08	Name: ph Value: %7B%22p%22%3A%5B1034%5D%2C%22t%22%3A%5B114479%5D%7D
.mgoblue.com/	1970-01-20 00:22:59	Name: _clsk Value: 1favo5i\|1642892629488\|1\|1\|d.clarity.ms/collect
.mgoblue.com/	1970-01-20 09:43:08	Name: __gads Value: ID=60d6010a0e45b621:T=1642892629:S=ALNI_MbaEP0UhCbnSn5ADc-9CzHKvO0l_Q
.mgoblue.com/	1970-01-20 17:52:44	Name: _ga_Y29PC3P5S9 Value: GS1.1.1642892629.1.0.1642892629.60
.mgoblue.com/	1970-01-20 09:07:30	Name: __adroll_fpc Value: f647c5ccbb4218e843664397792ee7d8-1642892630373
.mgoblue.com/	1970-01-20 09:07:08	Name: __ar_v4 Value: %7CHLZE36KS75DE7K4FCCRIGK%3A20220121%3A1%7CKF56POYC6FEVFJF3X6KW55%3A20220121%3A1%7CVVHZAYZ36JEKLOAZEQPQVH%3A20220121%3A1
.casalemedia.com/	1970-01-20 09:07:08	Name: CMID Value: YeyNV3Oo0EeBaYSalG-KuAAA
.casalemedia.com/	1970-01-20 02:31:08	Name: CMPS Value: 3219
.advertising.com/	1970-01-20 09:08:35	Name: APID Value: UP90522401-7bd7-11ec-9274-0249f20018a0
.adnxs.com/	1970-01-20 02:31:08	Name: uuid2 Value: 4664749412005929580
.3lift.com/	1970-01-20 02:31:08	Name: tluid Value: 7252279719480695608
.pubmatic.com/	1970-01-20 02:31:08	Name: KRTBCOOKIE_10 Value: 22808-MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc&KRTB&22883-MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
.pubmatic.com/	1970-01-20 01:04:44	Name: PugT Value: 1642878899
.pubmatic.com/	1970-01-20 02:31:08	Name: PUBMDCID Value: 3
.adnxs.com/	1970-01-20 02:31:08	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GU(qb_XZ!]tbPl@/@8$-^=$UfYlzDyj>#GTC.w[/_CA<pyYHawmNz?fy?dE!Py7atGb_]1h2NGS)Ko_KC0=W/4jebpRzqF1`*b]Z5-%^Je
.casalemedia.com/	1970-01-20 02:31:08	Name: CMPRO Value: 1170
.casalemedia.com/	1970-01-20 09:07:08	Name: CMRUM3 Value: 6961ec8d572760MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc
.casalemedia.com/	1970-01-20 00:22:59	Name: CMST Value: YeyNV2HsjVcA
d.adroll.com/	1970-01-20 09:50:20	Name: __adroll Value: 2015a1657a7ed8690ac03387ea57a0c7-g_1642892631-a_1642892630
.adroll.com/	1970-01-20 09:50:20	Name: __adroll_shared Value: 2015a1657a7ed8690ac03387ea57a0c7-g_1642892631-a_1642892630
.yahoo.com/	1970-01-20 09:07:30	Name: A3 Value: d=AQABBFeN7GECEEDxByfxTpjDC9NmxkfRpFgFEgEBAQHe7WH2YQAAAAAA_eMAAA&S=AQAAArAuI-iwVEif-6h1FmOL9ZM
.taboola.com/	1970-01-20 09:07:08	Name: t_gid Value: 40fb5582-24d7-4a14-b063-9aba743378ad-tuct8e612d7
.bidswitch.net/	1970-01-20 09:07:08	Name: tuuid Value: 4ab89892-918f-4334-801f-9da843357f89
.bidswitch.net/	1970-01-20 09:07:08	Name: c Value: 1642892631
.bidswitch.net/	1970-01-20 09:07:08	Name: tuuid_lu Value: 1642892631
.outbrain.com/	1970-01-20 02:31:08	Name: obuid Value: 89148bde-e97c-4b6c-ad1c-3db655a0a3f4
.outbrain.com/	1970-01-20 01:04:44	Name: adrl Value: MjAxNWExNjU3YTdlZDg2OTBhYzAzMzg3ZWE1N2EwYzc

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0072/5118.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://script.crazyegg.com/pages/scripts/0072/5118.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://mgoblue.com/ Message: Mixed Content: The page at 'https://mgoblue.com/' was loaded over HTTPS, but requested an insecure element 'http://pbs.twimg.com/profile_images/1310974620116287488/z0goiLWI_normal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mgoblue.com/ Message: Mixed Content: The page at 'https://mgoblue.com/' was loaded over HTTPS, but requested an insecure element 'http://pbs.twimg.com/profile_images/1310974620116287488/z0goiLWI_normal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mgoblue.com/ Message: Mixed Content: The page at 'https://mgoblue.com/' was loaded over HTTPS, but requested an insecure element 'http://pbs.twimg.com/profile_images/1310974620116287488/z0goiLWI_normal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://mgoblue.com/ Message: Mixed Content: The page at 'https://mgoblue.com/' was loaded over HTTPS, but requested an insecure element 'http://pbs.twimg.com/profile_images/1310974620116287488/z0goiLWI_normal.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://idsync.rlcdn.com/398696.gif?partner_uid=2156166975331058319 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://mgoblue.com/sorry.ashx Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=OniCrSMK Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2094213804051206dbc0ba34d0c35d4c.safeframe.googlesyndication.com
5189721.fls.doubleclick.net
8277843.fls.doubleclick.net
aa.agkn.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.google.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.krxd.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
d.adroll.com
d.clarity.ms
d4njeax0ev936.cloudfront.net
dbukjj6eu5tsf.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
fan-gtm-dev.s3-us-west-2.amazonaws.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fonts.sidearmsports.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
images.sidearmsports.com
insight.adsrvr.org
kr.ixiaa.com
match.adsrvr.org
mgoblue.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.rubiconproject.com
pubads.g.doubleclick.net
s.adroll.com
s3.amazonaws.com
sb.scorecardresearch.com
scontent-dfw5-1.cdninstagram.com
script.crazyegg.com
securepubads.g.doubleclick.net
sidearm-syndication.s3.amazonaws.com
stags.bluekai.com
statcollector.sidearmsports.com
static.mgoblue.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tag.yieldoptimizer.com
tpc.googlesyndication.com
us-u.openx.net
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
kr.ixiaa.com
104.92.72.137
108.157.4.38
141.226.228.48
142.250.185.226
142.250.185.70
142.250.185.98
142.250.186.130
151.101.130.133
151.101.66.133
174.143.40.29
18.184.217.227
18.66.242.5
18.66.248.121
185.64.189.110
2.21.141.232
206.225.86.85
2600:1901:0:8eee::
2600:9000:2057:e800:4:cc99:4000:93a1
2600:9000:206f:7200:6:9280:1080:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700::6810:125e
2606:4700::6813:9308
2620:1ec:27::cafe:1994
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f234:c5:face:b00c:0:43fe
3.5.0.189
35.156.69.231
35.177.23.252
35.186.212.60
35.244.159.8
35.244.174.68
37.252.173.62
40.76.174.66
52.142.114.2
52.217.45.52
52.218.208.177
52.223.40.198
52.50.214.249
54.205.207.71
54.228.17.128
69.169.86.38
69.173.144.165
70.42.32.191
74.205.81.134
76.223.111.18
004e7c9081a21dd28b1c7897373a5f3a934a3bb231152b1a4b5edee1e6ec18fd
0096abe5b817d6ea9eac518f16604bdee4632105b66d385c221966a121a5730c
02055da12953582666aec83c667c693f874a6bd5068e41b6f9c574b18615734c
0282863567499b13755bd021a18a41c54349a86bda28263fab857752f6d4ac1b
02966e3dc6fb36cec1a788790dacaec2f78643e8ea12dd5189550a33159b9cba
0530384d8115b9411cd4fac3bad2e6565ab2ddf9c866c86b1422a65dfccb3980
0814b863bf377a49d8ba9b2a3fa51d07aab47ee376e6de83b5a0655229ae9703
0a12f82693d094e1e8192ee9466dec6d9aef2342638e02366108a066fbd4f546
0b6f23c3914828ea724fb1ac5397d2040260e2605ae67f95186bb5981b2a8713
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10996a7c28302ece0e18c26dcaf4faad2461de27904c94b3c09514e3363ac11d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11127ee1f4f2f4d62823ba8e673d096b60113fa2b975a1d9921fbb0bc79616b0
115b5c88a50cfa5e4c737bc10163345683aed9fcdbf6d1d5142e72ed6328c8a4
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16034c7daf9472652803c7e1a48e71cdccfc01078caccb16dde5ca960bc70345
1648b37e1d500eace252c04de0d66bd8199220d6a3a74c5ea07705282bc70635
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
178d3f3bf087dec9441ffad02afcd36737ddca2653a981d8d64e66db70d10119
1db8e16dee3454362799155b1ad1191b7a3786fbfae03e143328368cb67d0f29
1e706ac5e0cfdd3695b21c85ec1dcef44c23cb09b210d7c64ca8ad038165a931
22aa5adb7ec9ec635bf5ea794b146c0ef2fc74e4849d6c36e2db99b1144cc700
23a3cafd9b4f68274b63b50b35dbe4feca86e77a41423b0c045b5bc46643d26a
240d8b4f3639e407002a3872648de122cb4d32c5538bba0085c9111b65f563a8
28316d8e97a31a4edc82d6b989531702093019b5fad1b4472958bfd0fe8318c5
28cf9b1f57a7f960354d637e62b45c9da1e0efc6d0e72e4bc0dd6a318f61b490
29141f19d64c6b9c968de137a7ecc20877ad0ca3952850e8d405250135a56f74
2a8527ed1ffc88202b0e2869583c0f46662a781fa28dd8cbc2223ffe99604053
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2cbd58ecb14bd568100ac218a2d7a51d0332dc1d554b975e0bc81e723bb8c09e
2de75ead58e22826a392980d479a732dbc4775079e84b27d1a863628b80f2959
2f502ffb82e0c70eaef3a8d5e03b6a7e44604264ef37e4c23dba61b08c231b9d
2fb7bf89fa597157b822a0ddfca9e97eff45f64e20fc6434547df434df7c91ea
3005391ffa513d59365354ca8d9c61cd367c13ce1384a9ee9e34570c8446e8da
31d72edd138f6d74c65957bbdb1b807a6c246e59c8b6c42b1c9598bb75263d34
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
383a2faf58bbdd421088ba0f94111b4a7d10145bd6234656f7f100fee5ca8e3b
3973c02a4caf4fa1397ade84afcd6d65e12a2ddf89898788125bc6937d4097bb
3abe65aca4e7fab8ce4384cf9015828471b6dae7f7dd64da2915058d10d98d48
3afdd367b45f02a8d2b88343e8d622c44332965cf6004d63831b22eb6219fcd7
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c84d25e67a3f74fc28368523c4cfd2d8ae074707a2f8fb0f2a0477bebcf2b84
3cd7697e10174bd0398570f661196f97462595b780ea83614b43e8110fb462f1
3e3dfe7ddf926d5e0d8c898c2af58d92bc51c105bd666b69d463adb1f7bb92e6
41006c8020842b8fe329ec7dda56d69fb6bb87eec1b391f0f822bb4d2edb8726
412fe890925c0966aa6ed312e5846cac1572c856e551717cd07d0e5f805ac3c8
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
444963e1e31f8fc85c130de4b47ac44c1fbbb895af2ce037d60e0fa33536f5f6
463ea082db429a843ae208a2e0d543cbd42a0a57a9ba0ce1edd062a06581aa32
499e5313fd25c59b0153446b0c00700c61afb9429aaa3ee69a9aea44e8dde93e
4acb5a0fd1ae2acdedd2fe597fe108270b2e89adf70db5602c85931189086ddc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1a3e107eeb4a2a7d18b52d992064b23953153727b6ddb96f1d1ccb08e42316
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5325654d5b7a093152c503807aaf63438ea2b21693e2191b179e11f70b3259c5
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53516d40a458c72846fc1c1cd2bb73bac2977bdb5b46b78cffcce3585fa10005
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567c6e2e74e980e2df06b761ea02bb137d3144fcef99e2e4dffbf5b6ae869143
57626bad7bcd4d15f9c011820e49cce9be9bd1c2e37282e7202dea7412d87818
58056b761da2c1aba5886ffe75f4148453ae2587929ec131d33dbbd3ee41d257
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5976854ac6b658e0f25c447470e8dc0c542b9bd3681c3ffd83095025f1202ea2
5f80d49e52e4dba3370aa6ee0486f63b9a559d1f205ce5d3416ef7155140ffc7
615c6e81c3af813a5529172745f18e54ba1c770f2ff9905539791e935342ba49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cd626197ef47ca000709818f5cb43050d2f84bcfe65741a8eb6fd6b9468d4a
6466866c6fb0971b7d55964fa8113b1e382b3ba6ed6194fe294e8f130cfc69d2
648684dbfceac7d9de40a693935dcc9a18c4aa3192818db3b15691e7d51f7b34
66483d3df13722c6eaed672d5414278e3c38167a7e652e209a5d094fe4ae28d4
6734b3138d8c5a68a442a92236db8a7f9486c695ffc83c8e89ed4dd9961d2a79
67f763ddc055717d42a772e7c100c43d54e5d7026596b03c06055471669a074c
69f626b01329882fe9c258c3e46c59cb180d5e547343defdd3f4731364e8e9c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c50f2e1a8fd249e8aac7c38d8e515d6d92ff8909cfd73185124dd5e397f341f
6caae779093bfb5c06719ccff287d74525c29ca37b65db084a951741c3145e10
6ce74ce52de36753dcc3c5a4fb03ad763f5d599580f705e35573fb4c97816694
7159b1e57dc6cfa8abd3a69a3ae0c6de500aad6566d820b9c2588ee653333cdc
7190d00515b299c84c0f57a24888fe57827f621f31f47f1aeb991c53999de068
7674a0e94edc4d1d1b6c737707dc10f138b1abab50c4e738078c37c4a08bcd3f
7732b46065b08e159e891d25a65b084f99d189e57e28dca5ace7d7effcd144c7
77b721ad8bae520e7eb6ded24e95a9a6e0b9633ae8c1d72590608b50b156eefd
7904b4c684b31d393b96a92275154b596b5263784fc3da9a2748757318c6a6fe
7b06061dc0fec7216425ccdda6a0b9e57faa07a2493e98d349e80e3d035df841
7be31bb64ef867a8cf9efb787c7b4611c8dcfef6c95107185a2d88eccf50ae0a
7d08c25981ebdc10e73bfec0322ca7b715b7a2f4a297aeb98017ece8d7269950
800daa44ad61ff27786321d0ae2fac9087167a24df564c27a80641ade7d1e9e3
8020398b1dc9cc0167fb51f66970d7c03a3daa3018f250cfff6125545104e2a1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8456ccaf1046ea415ef69f94a85e26750ceb8501f1c7fbccaf374f044d50f6fd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86ddb8270bc11a25af98cfc5e7ff4596224d0145f32127494cc7844f4e51ce1c
87289d0d29e68e66443fed5dfd1d30e4c5ee8f57a85de8bc7cefec10d6637580
878434bb9b99d89d1a1766aabc20f003af2846d9cc9b7c5595cac80615964b6d
8ad1ab37490d1ec81984c695d4f8502c89214e9afcc934984917ff637f7e1f85
8af58297d91b1275b4a0530b55d8614897e8c400b0db7c08916f36cdc2548ec0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f78ef0010e91e8c8ce5b110bf224e3dc00efef79eef68008de26d225c34fc2e
8fd74b4608509df5f6986726803b420bbf637496b49452a35ce8309d3eac70b0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93d494cba44f479fc9fdbb030d16d1515c285e2a24e0cc4d633ab623c83ad4f2
947771138c2b29a1bbccb3361d4fcfec1a607bd4f900b852e0d6d28e2962cc05
9884a08de84597787a29c331c22cf5db84cc10d5a1efc5a838d06f4321b54eb3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5b5e4cc321d85d04fd9c8b410a8e911a2518c92e4a43ffad3c668b4d02d473
9b3c1c4cbf0cb5d36327d2db12736ba8eb4273804b999b60a71bbbcac2cfcbc6
9b4169ff73f9018c3a92743f72a209b998deb1809e9a07984a7e1e7603522aa9
a136401e472d4ba03d4319a8f96f2086b7450a7a20f2581941adfb3491a746c2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a277eabe51d909ef812c7e7d07db58668bdda2cd027e21334f1c7727ff9f9893
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9ff02627771b86d11eea4420042546a4a4d466f3cd498c064edf25f5fc1eafb
aa83582e31ed490037d6f3a6bd274e110f78cb48c85dbd2013fe50d23636a69d
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
adc9882785260ee36ac0fe93d5383b90facad41ca412192b1f583d18d7291fae
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8df8bae976ced1a94f51bbe75770e3b7a377f942987cbfeea477d89d906f34
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a82062391e01e56dbc4ea0c8cc38048602d75ca0e0ca1e7cd68c225e3d681b
b1fcf0d6fc40b829bec1163f6412bf66cb68c4d0271bf565b4d6f062e0e24b3b
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b3cdf87f0c17b7d7432c622f2ce5aae47e4da5cb0de501e0f623cd60f9c4a6ef
b448f609fca74b4602082c54ef2adcaeae6d944251c9f080687f1fdf392b26b0
b666b7df48fa32ce75fabe512746646a0c090ab72deb3d18ef06ff032da62459
b8a56b25112538a30ee01ef002eb22535e58c4cf5d5ce39b393a8e4d02602a5c
b9811f9f571e747d90c59b3dafcc49ef225807b15f2b06e1c92f14d02739653b
b9c404134899360da61bc9edc6312a9062f6fc47bbf15d14b8209d76e140c5bc
ba1d5f2c251a2842e6d25b5638886038fe1bee4071f4fec4329bfc4c3e2559b3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd702a57ee5de4ad1ae8b7e68e704136e62f39a4767be29600f45ba5288a102e
bfe05f6178a5a4184e4855bf0f549f92fd8cb468332612e9356770b4afb2e25e
c0f24be81bbaf7e84022bff2d4dd70f9f23a59f83b2fdd0ebe30bced761dcb52
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21c3c17fb3be2449fb42012b3090615bb598df9b8c087bbc49d0c9b6dbb38a8
c23635b51bd2c2e128204ad92fa444b2268c44df2c466576397025a0cfd1a272
c23e1ac09981f482a8e986029bb865a4ad954540e785f04c3367bfc30f62601b
c4e0f02ed30c5d143324998bef099e91ab6b2ea83615dbe967d1b375f8d19b32
c602b6dc9a9a0796f3301b161df700920336416bef6c5f01e6f3fbfa02f2b8e6
c69920b8106dbb53cb781c040b567b4649dbfa2c5428858e633c31580e1d6109
c749ab7e403ba88fa9ff8bf88caef49470791f06d32848532c45a7c526a65599
c907bd7064f1d38a655634ba22d80fa1d1995ad33eb3296d3f14849be4566dec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce773c49893415c0005e1ee5a47b54d333f897c7fbbc9761f79f089fa1c947b6
d03e8020c256a83acc9a4c583edda6499a9c1f2289791440b619f5d9bbb31cd6
d228a34e4f2e24477626624c350fc1999792ac4c1c37ebe80ac0e0eeb7670a14
d3f3a5af88b9bcf4dca1f1e33022f7b6877ba818596a19abf9eb39398850dab7
d4a05b20cb48e3220c17a618c5532f73d1d2ea38e764698c4ca83d26878ff29d
d4d3116afa98f99999e54721f7b4f8f10f23339b56e7ca777759cf48740783f7
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20
d6c602583eafa010722cfd465fc04289e2aa559442e7ad82c57f08f99493ff4e
d713dd84892c763b25143502308aa8cf82f0d60aad22ea5b6c2968cf9b6bb135
d7f148e3819c863e2d22f35e8bf4cb9adcc6ed1e63c38845068b267c606e0565
d99d7520ae7e2fd8b3dc282353fbb8bf15d3c5b03b48c9990631d171fc944df6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9dc60b9eb6c3b12435878476d534072616a4e0677c57c25b9ad3a7d6a8d08f
e1846359941d53ccd089024b15b6b4872318fdf1d3c61bd8cd6ed2b52b27062c
e2835d80b6411495935bae8411e0b879708edfdd4fc8534e3dc73a6ded9243ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bf9d3390b3fd4855c4e32af5fb48cda80ee1139c8ccb84f867940c491a460b
e7e45fddaf2caddeb91ebbfd1159ea293d87f2671f56912dab7235aa18d0851a
e9dcc2645a16e5d73a567d092634a84efd25429916a7e8e0725364afe3a9fe68
eec10fa1e2c159ef712bb5add157fce337037e1fb9177cfdeb659536a4bc38c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1673bf0bf96beadb44a6e33fb1b5b80e7bb846809b437121b28cac04e9b77f4
f19d68699f455d1086778fe814e6e4baaa2f245a0948f891b2207a33db964668
f49be56afd4d83f03bcdeb4f0075c7a56c58ec084993ddc9363ed8fca5be339d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5ba66c1bcc27061a8e4914e220af1a4e2cf05cb3b5c0f33f08d2233905370ef
f71b824b2acfb708ccf0538f08db9cc43dbf6dac768e09cfd1063b884832a488
fddd26abae0ec9aa87dba3abfbd50fa9b776864df87d015c938cf629b65419b6

mgoblue.com Open in urlscan Pro 74.205.81.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

257 Requests

90 %HTTPS

43 %IPv6

45 Domains

69 Subdomains

60 IPs

6 Countries

7124 kBTransfer

12442 kBSize

61 Cookies

91 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

mgoblue.com Open in urlscan Pro
74.205.81.134 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

90 %
HTTPS

43 %
IPv6

45
Domains

69
Subdomains

60
IPs

6
Countries

7124 kB
Transfer

12442 kB
Size

61
Cookies

257 HTTP transactions
3 data transactions